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Etsy’s  big  data  gurus  Dan  McKinley, 

Steve  Mardenfeld  and  Nell  Thomas  at  the 
company’s  Brooklyn,  N.Y.,  headquarters. 


Business 
Operations 
Per  Second: 
Unparalleled 
Cisco  Server 
Performance. 
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Industry-Leading 
Database  Performance 

34%  Faster2 


Cisco  Unified 

Computing 

System 


Unparalleled  Application  Performance 
with  Cisco  Servers. 


Find  out  more  at  cisco.com/sen/ers 


With 

Intel®  Xeor? 
processors 


il|lil|li  TCiMorrow 

CISCO  starts  here. 


For  more  performance  information,  visit  cisco.com/go/ucsbenchmarks . 

1  Based  on  SPECjbb2005  benchmark  on  Cisco  UCS  C220  M3  server  at  1,584.567  BOPS.  792.284  BOPS/ JVM.  2.  Based  on  TPC  Benchmark  C  Results  on  2  Processor  Systems.  Cisco  UCS  C240  M3  High-Density  Rack  Server  with  Oracle  Database  1 1g 
Release  2  Standard  Edition  One.  1.609. 186.39  tpmC.  $0.47/tpmC.  available  9/27/12  compared  to  IBM  Power  780  Server  Model  9179-MHB  with  IBM  DB2  9.5.  1.200.01 1.00  tpmC.  $0.69/tpmC .  available  10/13/10.  3.  Based  on  SPECjEnterprise2010 
benchmark  with  8  total  Java  EE  Server  processors  on  Cisco  UCS  B440  M2  servers  at  26,118.67  EjOPS  compared  to  RISC-based  IBM  Power  780  at  16,646.34  EjOPS.  SPEC*,  SPECjbb ®,  and  SPECjEnterprise *  are  registered  trademarks  of  Standard 
Performance  Evaluation  Corporation.  TPC  Benchmark  C®  is  a  trademark  of  the  Transaction  Performance  Processing  Council  (TPC).  The  performance  results  described  here  are  derived  from  detailed  benchmark  results  available  at  http://www.spec.org 
and  http: //www  tpc.org  as  of  1-15-2013.  ©20?  3  Cisco  and/or  its  affiliates.  Ail  rights  reserved.  All  third-party  products  belong  to  the  companies  that  own  them.  Cisco,  the  Cisco  logo,  and  Cisco  UCS  are  trademarks  or  registered  trademarks  of  Cisco. 
Intel,  the  Intel  logo,  Xeon  and  Xeon  Inside  are  trademarks  or  registered  trademarks  of  Intel  Corporation  in  the  U.S.  and/or  other  countries.  All  other  trademarks  are  the  property  of  their  respective  owners. 
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FROM  THE  EDITOR  JOHN  DIX 

New  SDN  urgency 

This  year  is  shaping  up  to  be  critical  in  the  devel¬ 
opment  of  software-defined  networking  technol¬ 
ogy,  and  two  new  events  are  helping  chart  the  way. 

Network  World  just  launched  an  event  focused  on  SDN  that 
attracted  some  100  New  York-based  practitioners  looking  for 
a  deep  dive  on  this  potentially  rule-changing  technology,  and 
the  next  day  in  Boston  saw  the  launch 
ui  the  first  SDN  user  group,  the  Open 
Networking  User  Group  (ONUG). 

Our  event  in  New  York,  chaired  by  longtime  Network 
World  contributor  Jim  Metzler,  vice  president  of  Ashton 
Metzler  &  Associates,  explored  the  potential  of  SDN,  the 
different  takes  on  the  tech,  and  the  promised  returns  and 
potential  inhibitors  to  adoption. 

Noting  that  standards  bodies  are  typically  composed 
of  vendors  that  fall  into  three  camps  —  one  pushing  the 
standard,  one  watching,  and  one  trying  to  slow  down  the  effort  —  Metzler  gave 
SDN’s  chances  high  marks  given  the  Open  Networking  Foundation  group  stan¬ 
dardizing  SDN  was  founded  by  buyers. 

And  as  far  as  we  have  come  in  so  little  time,  multiple  speakers  admitted  that  it  is 
still  early  days  for  SDN.  After  all,  it  took  server  virtualization  technology  almost  10 
years  to  become  mainstream,  and  the  SDN  OpenFlow  protocol  was  just  published 
at  the  end  of 2009,  Metzler  says. 

Next  stop  for  Network  World's  “Open  Network  Exchange:  SDN,  OpenFlow  &  Net¬ 
work  Virtualization”  conference  is  San  Francisco  March  12,  then  it  is  off  to  Dallas 
April  10  and  Chicago  May  14  (see  tinyurl.com/bqd5r4q  for  more  information). 

The  SDN  user  group  meeting  in  Boston  was  put  together  by  veteran  network 
industry  authority  Nick  Lippis  and  executives  from  Fidelity  Investments,  UBS, 
Goldman  Sachs,  JPMorgan  Chase  and  Gap  Inc.  Some  150  attendees  came  to  hear 
what  companies  like  Fidelity,  Microsoft  and  Verizon  are  doing  with  SDN. 

Press  participation  was  restricted  to  an  evening  reception,  but  the  ONUG  mem¬ 
bers  that  came  to  that  were  clearly  bullish  about  the  promise  of  SDN,  with  some  — 
notably  Verizon  and  Indiana  University  —  saying  they  are  already  benefiting  from 
limited  SDN  deployments. 

In  fact,  a  Lippis  survey  of  the  ONUG  participants  showed  that  16%  are  already 
in  limited  deployment,  while  28%  are  piloting  and  56%  are  still  reviewing  SDN.  Of 
the  people  reviewing  the  tech,  most  will  pilot  it  within  a  year.  Those  piloting  it  say 
they  will  go  to  deployment  within  one  to  three  years. 

The  latter  is  “a  little  concerning,”  Lippis  says.  “We  need  a  lot  of  companies  using, 
experimenting  with  SDN.  If  we  wait  one  to  three  years,  will  there  be  enough  ven¬ 
dors  left?  Will  those  companies  run  out  of  runway?  The  time  to  do  pilots  is  now.” 
You  can  get  involved  by  plugging  in  to  one  of  these  events. 
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DELIVERING  MEDICAL  RECORDS  TO  THE  RIGHT  PERSON 
AT  THE  RIGHT  TIME,  IN  THE  RIGHT  LOCATION  ISN’T  EASY 


BROCADE 


BUT  DEPLOYING  A  NETWORK  THAT  IMPROVES 
REAL-TIME  COLLABORATION  JUST  GOT  EASIER 


Brocade"  fabric-based  architecture  makes  it  easier  for  you  to  deploy  clinical 
systems  and  applications  across  your  entire  infrastructure.  Improving  patient 
care  through  technology  is  your  mission.  Making  networks  easier  to  deploy, 
manage,  and  scale  is  ours.  Let’s  work  together. 


The  battle  for  UC  in  the  enterprise 

©  MICROSOFT  HAS  AN  interesting  way  of 
showing  loyalty  to  one  of  its  former  part¬ 
ners.  Cisco  has  been  in  the  UC  market  as 
a  mainstay  for  many  years,  and  is  used  at 
more  than  85%  of  the  enterprise  installa¬ 
tions  worldwide  (Re:  “Cisco  declares  war 
on  Microsoft  unified  communications 
system”;  tinyurl.com/aauy6x2). 

Both  UC  and  IM  operate  in  a  similar 
space  that  is  used  by  a  large  segment  of 
either  UC  or  IM-only  resources,  blurring 
the  lines  on  the  value  proposition  of 
an  ASIC-based  hardware  installation 
(Cisco  UC  gear)  compared  to  IM  built  on 
the  readily  available  computing  power 
of  common  server  architectures  and 
commodity  PCs  (or  now,  laptops,  smart¬ 
phones,  tablets,  etc.).  The  bottom  line  is 
this  “looks”  simple  from  the  business 
user  view,  however  the  hardware  and 
software  complexities  are  a  necessary  evil 
to  maintain  the  stability,  security,  resil¬ 
ience  and  interoperability  that  is  required 
to  tie  back  to  an  antiquated  PSTN  system 
(speaking  of  the  SP  network  at  a  CLASS4 
switching,  SIP  gateway  interface). 

That  is  why  an  IM-based  system  does 
not  make  sense  in  the  enterprise  nor  in  the 
more  demanding  applications  (such  as 
resilient  call  centers,  multi-national  pri¬ 
vate  calling  plans,  etc). 

Steve  Weltman 

©CISCO  IS  DESPER¬ 
ATE.  There  are  many 
smaller  vendors  that 
have  been  innovating 
while  Cisco  and  other 
big-name  telephony 
companies  were  busy 
ripping  people  off  for 
the  past  decade  or  more. 

They  are  circling  the 
drain.  Good  riddance. 

Not  personally  a  user 
of  Microsoft  UC;  my 
office  implemented  a 
Fonality  PBX  last  year 
after  working  with  a 
good-size  Avaya  implementation  at  my 
previous  job.  We  have  all  the  usual  UC 
features  at  a  fraction  of  the  price  and  the 
desktop  integration  is  way  beyond  what 
the  big-name  losers  offer.  Vendors  like 
Cisco  and  Avaya  need  to  start  innovating 
and  lower  their  prices  significantly. 

Chip  Kempston 


Surface  Pro  flaw:  irreparability 

©  IF  THIS  COUNTRY  ever  needed  one 
more  law,  it  would  be  that  electronics 
should  be  repairable.  I’ve  been  in  the 
repair  business  for  over  46  years.  I 
witnessed  stereos  become  irreparable, 
i-anythings  are  close  to  throw-away  and 
knockoffs  have  always  been  that  way.  Last 
year  flat-screen  TVs  started  coming  in 
with  parts  mounted  on  the  rear  cover  and 
4-inch  connector  cables  so  you  can’t  run 
them  while  you’re  working  on  them.  Now 
this  (Re:  “iFixit’s  Surface  Pro  teardown 
shows  repairs  won’t  be  easy”;  tinyurl. 
com/alpjmxq). 

The  only  excuse  manufacturers  have 
is  that  if  you  make  it  too  costly  to  repair, 
it  has  to  be  good  for  sales.  While  that  is 
correct,  it  is  unnecessary,  wasteful  and, 
in  many  cases,  toxic  to  the  environment. 

In  most  cases  making  units  repairable 
would  add  no  more  than  1%  to  manufac¬ 
turing,  in  many  cases  it  would  seem  to 
cost  more  to  design  in  this  aggravation. 

Common_Tator 

BlackBerry  ZlO's  UI  impresses 

©  I’VE  BEEN  USING  mine  for  a  couple  of 
weeks  now  and  it  is  a  significant  upgrade 
from  the  iPhone  (Re:  “How  BlackBerry 
recreated  the  mobile  user  experience 

with  Z10”;  tinyurl.com/ 
bx9fb76). 

The  messaging  is 
far  superior,  and  even 
older  BlackBerries 
with  the  predictive 
text  (once  it  gets  used 
to  me)  makes  sending 
messages  far  quicker. 

If  I’m  in  an  app  I  can 
just  swipe  up  and  to  the 
right  to  peek  at  what 
the  message  is  and  go 
right  back  to  my  appli¬ 
cation.  And  the  link  to 
my  exchange  account 
has  worked  flawlessly. 

Buzz88 

©  I  HAVE  BEEN  using  the  device  for  about 
two  weeks.  It  is  hard  to  go  back  to  the 
iOS  way  of  doing  things  after  using  the 
phone.  One  thing  that  is  not  broadcast  is 
the  “Cards”  feature,  which  allows  apps  to 
draw  on  the  capabilities  of  other  installed 
apps.  A  neat  idea. 

Forestville 


Vendors  like 
Cisco  and 
Avaya  need  to 
start  innovat¬ 
ing  and  lower 
their  prices 
significantly. 
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Tap  your  data  center's  full  business  value. 

StruxureWare  for  Data  Centers  software  helps  cut  energy 
and  operational  costs  across  facilities  and  IT. 


The  right  information  at  the  right  time 

With  Schneider  Electric  StruxureWare'"  for  Data  Centers  software  suite,  you 
easily  can  access  the  right  information  at  the  right  time  to  make  informed 
decisions  related  to  resource  optimization,  energy  management,  and 
operational  efficiency. 

Data  center  visibility  =  business  vitality 

Our  pioneering  data  center  infrastructure  management  (DCIM)  software 
provides  complete  visibility  across  your  enterprise  —  from  the  building  level 
down  to  the  server.  The  result?  CapEx  and  OpEx  savings  through  better 
planning  and  operations,  proactively  protected  system  uptime,  and  reduced 
energy  use.  What’s  more,  our  software  services  optimize  performance 
throughout  the  data  center  life  cycle. 


StruxureWare 

Software  engineered  with  your  business  in  mind: 

>  Obtain  real-time  resource  and  capacity 
information  to  support  business  decisions. 

>  Get  the  most  out  of  your  data  center 
for  CapEx  and  OpEx  savings. 

>  Improve  energy  efficiency  and,  in  turn, 
cut  energy  costs  across  IT  and  facilities. 

>  Have  historical  and  real-time  metrics  and 
performance  reporting  at  your  fingertips. 


See  energy  waste  to  manage  it 

With  our  StruxureWare  for  Data  Centers  software  suite,  you  can  monitor  and 
track  where  your  company’s  energy  goes  (and  potentially  is  wasted)  throughout 
your  data  center  —  from  facilities  to  your  IT  room.  You  can  turn  this  energy  insight 
into  energy  savings,  as  well  as  both  enterprise  and  environmental  sustainability. 
This  robust  view  makes  your  data  center  a  strategic  business  asset. 

Business-wise,  Future-driven.™ 


99.999% 


30% 


13% 


C«p*£!iy 

Power 


Cooling 


U-Space 


****** 


. . . . 

How  can  we  cut 
enterprise-wise 
operating  costs? 

Integrated  Schneider 
Electric  data  centers  with 
software  cuts  total  life 
cycle  cost  up  to  13%. 


Can  we  cut  data 
center  physical 
infrastructure  costs? 

We  can  save  up  to  30% 
in  data  center  physical 
infrastructure  costs  over 
1 0  years  through  better 
resource  and  energy 
management. 


10-20% 


How  can  I  more 
predictably  spread 
out  data  center 
CapEx? 

Our  end-to-end  data 
centers  with  software 
yield  1 0  -  20%  initial 
CapEx  savings. 


-  60%  rnniai 


How  can  we  quickly 
meet  mission- 
critical  business 
needs? 

Reduce  reserve  power 
and  cooling  capacity 
by  50  -  60%  and 
optimize  resources 
through  informed 
decision  making. 


What  is  our  current 
data  center  risk 
profile? 

StruxureWare  for  Data 
Centers  software  provides 
full  visibility  across  IT 
and  facilities  so  you  can 
proactively  respond  to 
system  risks  to  achieve 
highest  availability  and 
business  uptime. 


by  Schneider  Electric 


APC  by  Schneider  Electric'”  products, 
solutions,  and  services  are  an  integral 
part  of  the  Schneider  Electric  IT  portfolio. 


Improve  planning  and  cut  OpEx  via  DCIM  best  practices! 
Discover  how...  get  our  FREE  white  paper  (a  $175  value)  and 
enter  to  win  a  Google  Nexus  10  tablet! 

Visit  www.SEreply.com  Key  Code  y346v  Call  888-289-APCC  x6515 


Schneider 

E I  e  c  t  r  i  c 


©2013  Schneider  Electric.  All  Rights  Reserved.  Schneider  Electric,  APC,  StruxureWare,  and  Business-wise,  Future-driven  are  trademarks  owned  by  Schneider  Electric  Industries  SAS  or  its 
affiliated  companies.  All  other  trademarks  are  the  property  of  their  respective  owners.  References  include  Schneider  Electric  Data  Center  Science  Center  “Data  Center  EcoStruxure  Value 
Profile”  analysis;  white  papers  6,  107,  117,  and  114;  and  internal  test  report  (Kolding  development  team),  www.schneider-electric.com  •  998-1 172481_GMA-US_Nexus 
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Cisco/EMC/VMware 
coalition  aims  at 
small  data  centers 

VCE.THE  DATA  center  coalition  formed  by  Cisco,  EMC 
and  VMware,  has  expanded  its  product  portfolio  with  low-end 
versions  of  its  integrated  infrastructure  system  certified  to  run 
SAP  software  and  new  management  capabilities.  The  coalition 
was  formed  in  2009  to  sell  prepackaged  Cisco  servers  and 
switches,  EMC  storage  and  VMware  virtualization  tools  in  an 
effort  to  accelerate  the  adoption  of  cloud  computing  infrastruc¬ 
ture.  Up  to  now,  VCE  sold  high-end  packages  with  an  average 
selling  price  of  around  $2  million.  The  products  unveiled  last 
week  bring  that  system  to  smaller  data  centers  and  branch 
and  remote  offices,  with  an  average  selling  price  believed  to  be 
below  $500,000.  tinyurl.com/aamwd6u 
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Patent  protection 

TECH  FIRMS  marched  to 
Capitol  Hill  last  week  to  defend 
software  patents,  saying  they’re 
necessary  to  drive  innovation 
and  protect  huge  R&D  invest¬ 
ments.  The  U.S.  patent  system 
isn’t  perfect,  but  lawmakers  and 
judges  shouldn’t  address  cur¬ 
rent  controversies  by  eliminat¬ 
ing  software  patents  altogether, 
executives  with  Microsoft,  Ora¬ 
cle,  IBM,  Covia  Labs  and  Procter 
&  Gamble  said  during  a  briefing 
before  congressional  staffers. 
Instead,  lawmakers  should  look 
at  ways  to  improve  patent  qual¬ 
ity,  make  it  tougher  for  patent 


licensing  firms  to  file  infringe¬ 
ment  lawsuits,  and  require 
companies  to  be  transparent 
about  the  patents  they  hold. 
Even  without  congressional 
action,  companies  can  be  more 
transparent,  said  Brad  Smith, 
Microsoft’s  general  counsel  and 
executive  vice  president  —  who 
then  announced  that  Microsoft 
will  publish  information  on  all 
the  patents  it  holds  by  April  1. 
tinyurl.com/bjtfccp 

IBM  puts 
mobile  first 

IBM  IS  making  a  renewed 
push  into  mobile  with  an  effort 
that  combines  a  raft  of  Big 
Blue  products  and  services 

—  some  recently  acquired 

—  under  a  new  umbrella 
brand,  MobileFirst.  Through 
MobileFirst,  IBM  says  it  will 
help  companies  design  and 


build  customer-facing  apps  that 
reduce  operational  costs  or  help 
grow  their  business.  IBM  says 
it  also  has  the  tools  for  building 
internal  apps  for  sales  staff  and 
other  workers,  and  for  manag¬ 
ing  the  influx  of  employee 
devices.  “The  market  for 
enterprise  mobility  is  absolutely 
huge,  and  it’s  never  going  away,” 
says  Kevin  Benedict,  head 
analyst  at  Cognizant  Technol¬ 
ogy  Services.  That  could  be  an 
advantage  for  big  players  such 
as  IBM,  because  companies 
want  to  invest  in  platforms  they 
know  will  be  around  for  many 
years  to  come,  Benedict  says. 
tinyurl.com/a6aaqja 

Microsoft 
Azure  bests 
Amazon's  cloud 

MICROSOFT  AZURE’S  cloud 
outperformed  Amazon  Web 
Services  in  a  series  of  tests  con¬ 
ducted  by  Nasuni,  an  enterprise 
storage  vendor  that  annually 
benchmarks  cloud  service 
providers  to  see  which  offers 
the  best  performing,  most  reli¬ 
able  infrastructure.  Last  year 
Amazon  Web  Services’  cloud 
came  out  on  top,  but  this  year 
Microsoft  Azure  outperformed 
AWS  in  performance  and  reli¬ 
ability  measures.  AWS  is  still 
better  at  handling  extra-large 
storage  volumes,  while  Nasuni 
found  that  the  two  OpenStack 
powered  clouds  it  tested  —  from 
HP  and  Rackspace  —  were  lack¬ 
ing,  particularly  at  larger  scales. 
tinyurl.com/a4a4znm 


IT  VIDEO 

What  will  we 
see  at  MWC? 

The  Mobile  World 
Congress  will  take  place 
this  week,  where  new 
smartphones  and  other 
mobile  devices  will  be 
launched.  In  this  preview 
video,  Nick  Barber 
chats  with  IDC’s  Ramon 
Llamas  about  some  of  the 
hardware  and  software 
trends  expected  to  come 
out  of  the  Barcelona  show. 
tinyurl.com/af995vc 


Whaddya  know, 
broadband  speed 
as  promised 

U.S.  BROADBAND  provid¬ 
ers  are  making  good  on  the 
residential  broadband  speeds 
they  advertise,  and  a  handful 
of  large  providers  outperform 
expectations,  a  new  FCC  report 
says.  On  average,  U.S.  provid¬ 
ers  surveyed  in  September 
delivered  sustained  speeds  at 
97%  of  advertised  speeds,  up 
slightly  from  the  FCC’s  July 
broadband  report,  and  up  from 
87%  in  the  agency’s  August 
2011  report.  The  report  found 
that  Comcast  delivered  103% 
of  promised  download  speeds 
during  peak  hours,  Cablevision 
delivered  115%,  Verizon’s  FiOS 
delivered  118%,  and  satellite 
provider  ViaSat’s  Exede  service 
delivered  137%.  Providers 
not  meeting  their  advertised 
download  speeds  during  peak 
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When  change  is  the  only  constant, 

IBM  System  x3650  M4  Express  server  delivers. 

Business-critical  solutions  require  a  server  capable  of  delivering  steady  performance  even 
under  pressure.  The  powerful  and  customizable  IBM®  System  x3650  M4  Express®  server, 
with  the  latest  Intel®  Xeon®  processor,  has  a  resilient  architecture  that  is  designed  to 
operate  at  temperatures  as  high  as  40  degrees  Celsius  for  100%  of  operating  hours.1  This 
capability  can  help  save  on  power  and  cooling  costs  and  is  not  warranted  for  either  HP 
ProLiant  DL380p  G8  or  Dell  PowerEdge  R720.2  With  the  added  expertise  of  IBM  Business 
Partners,  you  can  address  the  increasing  demands  on  your  IT  infrastructure. 


A  resilient  server  for  your  business-critical  solutions. 


IBM  System  x3650  M4  Express 

$2,739 

OR  $81/MONTH  FOR  36  MONTHS3 


PN:  7915-EBU _ 

Low  TCP  with  exceptional  performance  per  watt _ 

Flexible,  “pay-as-you-grow”  design  to  lower  cost  and  manage  risk 
Excellent  reliability  and  uptime  for  business-critical  applications  and  cloud 


IBM  System  x3530  M4  Express 


IBM  Storwize®  V3700 


$1,989 

OR  $59/MONTH  FOR  36  MONTHS3 


$8,799 

OR  $21 6/MONTH  FOR  36  MONTHS3 


PN:  7160-EBU _ 

2-socket  value  server  optimized  for  performance  and  low  cost _ 

Dense  1U  design  for  many  general  business  workloads 

IBM  DNA  throughout,  including  RAS,  flexibility  and  easy  management 


PN:  2072-S2C _ 

2U  form  factor  capable  of  24  -  2.5”  drives  (up  to  120  drives  with  expansion  units) 
Virtualization  of  internal  storage  and  thin  provisioning  for  improved  storage  utilization 
Intuitive  user  interface  based  on  the  breakthrough  Storwize  family  user  interface 


Read  the  white  paper 
Higher  data  center  temperatures 
can  help  reduce  costs  without 
impacting  performance. 

Visit:  ibm.com/systems/resilient 

Or  scan  the  QR  code  with  your  smartphone 
to  learn  more  about  the  x3650  M4. 


Contact  the  IBM  Concierge  to  help  you 
connect  to  the  right  IBM  Business  Partner. 
1-866-872-3902  (mention  102PF05A) 


'Applicable  to  IBM  System  x3750  M4,  x3650  M4,  x3630  M4,  x3550  M4,  x3530  M4  and  x3300  M4  server  models  with  95-watt  processors  or  below. 

2HP  ProLiant  DL380p  G8  supports  up  to  35°C  (link:  http://www.storagenetworks.com/documents/manuals/dl380p-gen8-manual.pdf).  Dell  PowerEdge  R720  and  R720xd  support  up  to  40°C  at  10% 
of  annual  operating  hours  or  less  (link:  http://support.dell.com/support/edocs/systems/peR720/en/OM/r720omen.pdf). 

3Global  Financing  offerings  are  provided  through  IBM  Credit  LLC  in  the  United  States  and  other  IBM  subsidiaries  and  divisions  worldwide  to  qualified  commercial  and  government  customers.  Monthly 
payments  provided  are  for  planning  purposes  only  and  may  vary  based  on  your  credit  and  other  factors;  please  contact  your  IBM  Global  Financing  Representative  for  actual  monthly  amounts.  Lease 
offer  provided  is  based  on  an  FMV  lease  of  36  monthly  payments.  Other  restrictions  may  apply.  Rates  and  offerings  are  subject  to  change,  extension  or  withdrawal  without  notice. 

IBM  hardware  products  are  manufactured  from  new  parts  or  new  and  serviceable  used  parts.  Regardless,  our  warranty  terms  apply.  For  a  copy  of  applicable  product  warranties,  visit  http://www.ibm. 
com/servers/support/machine_warranties.  IBM  makes  no  representation  or  warranty  regarding  third-party  products  or  services.  IBM,  the  IBM  logo,  System  x,  Express  and  Storwize  are  registered 
trademarks  of  International  Business  Machines  Corporation,  registered  in  many  jurisdictions  worldwide.  Other  product  and  service  names  might  be  trademarks  of  IBM  or  other  companies.  For  a 
current  list  of  IBM  trademarks,  see  www.ibm.com/legal/copytrade.shtml.  Intel,  the  Intel  logo,  Xeon  and  Xeon  Inside  are  trademarks  or  registered  trademarks  of  Intel  Corporation  in  the  United  States 
and/or  other  countries.  All  prices  and  savings  estimates  are  subject  to  change  without  notice,  may  vary  according  to  configuration,  are  based  upon  IBM's  estimated  retail  selling  prices  as  of  12/18/2012 
and  may  not  include  storage,  hard  drive,  operating  system  or  other  features.  Reseller  prices  and  savings  to  end  users  may  vary.  Products  are  subject  to  availability.  This  document  was  developed  for 
offerings  in  the  United  States.  IBM  may  not  offer  the  products,  features  or  services  discussed  in  this  document  in  other  countries.  Contact  your  IBM  representative  or  IBM  Business  Partner  for  the  most 
current  pricing  in  your  geographic  area.  ©2013  IBM  Corporation. 


bits 


GOOD  I  BAD  I  UGLY 


Wi-Fi  for  all! 


THE  FCC  has  taken  the  first  step  toward  an  expansion 
of  the  spectrum  available  for  Wi-Fi,  with  the  agency 
launching  a  rulemaking  proceeding  to  open  new  parts 
of  the  5GHz  spectrum  to  unlicensed  uses.  The 
FCC  last  Wednesday  voted  to  approve  a  notice 
of  proposed  rulemaking  to  look  at  ways  to  use 
195MFIz  of  the  5GHz  spectrum,  now  occupied 
by  government  agencies  and  other  users,  for 
unlicensed  Wi-Fi  services.  The  195MFIz  would 
represent  a  35%  increase  in  the  amount  of  U.S.  5GFIz 
spectrum  available  for  unlicensed  devices. 

Kaspersky  woes  continue 

KASPERSKY  LAB’S  flawed  anti¬ 
malware  update  that  went  out  Feb.  5 
for  the  company’s  Endpoint  Security 
product  continued  to  cause  serious 
disruptions  in  enterprise  networks 
last  week.  And  Kaspersky, 
iU  which  has  released  ensuing 
patches  aimed  at  remedying 
the  problems  caused  by  the  first 
bad  update,  is  apologizing  for  the 
ongoing  problems.  "Upon  receiving  feedback  from 
customers,  Kaspersky  Lab  is  working  to  remedy 
stability  and  performance  issues  associated  with  the 
recent  autopatch  ‘b’  released  on  February  5,  2013,” 
Kaspersky  said  in  a  statement  to  Network  World. 

Fired  up  in  Australia 

APPLE  HAS  been  blamed  by  authorities  in  Austra¬ 
lia  for  the  potentially  dangerous  flaws  found  in  the 
FireReady  bush  fire  information  iOS  app.  The 
Country  Fire  Authority  in  Victoria,  Australia,  has 
said  that  it  has  been  forced  to  use  Apple  Maps 
in  the  FireReady  app,  which  aims  to  alert  locals 
and  travellers  to  nearby  bush  fires  and  emergen¬ 
cies,  but  that  the  maps  are  inaccurate.  "Users  report 
that  towns  are  located  on  their  maps  at  the  centre  of 
the  district  rather  than  on  the  actual  township  itself,” 
said  a  CFA  spokesman,  who  claims  that,  in  response 
to  its  complaints,  Apple  simply  advised  CFA  to  report 
inaccuracies  via  the  Apple  Maps  app.  (via  MacWorld 
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Cost  per  megabyte  to  store 
data  in  DNA.  “If  you  took  every 
thing  human  beings  have  ever 
written  -  50  billion  mega¬ 
bytes  of  text  -  and  stored 
it  in  DNA. ..it  would ...  weigh 

less  than  a  granola  bar.”  SOURCE:  NPR 


hours  included  Qwest  at  82% 
and  Windstream  at  81%. 

tinyurl.com/ad83lnd 

Amazon  hits  the 
gas  on  Redshif  t 

CLOUD-BASED  DATA  ware¬ 
house  Redshift  is  now  generally 
available,  says  Amazon,  which 
is  pitching  the  service  as  a  less 
expensive  and  easier-to-manage 
alternative  to  on-premise 
deployments.  With  the  AWS 
Management  Console  or  the 
Amazon  Redshift  APIs,  users 
can  provision  a  single  2TB  data 
warehouse  or  a  cluster  of  16  2TB 
nodes  or  16TB  nodes,  by  default. 
The  nodes  are  called  High  Stor¬ 
age  Extra  Large  (XL)  and  Stor¬ 
age  Eight  Extra  Large  (8XL). 
On-demand  pricing  starts  at 
$0.85  per  hour  for  an  XL  node 
and  $6.80  per  hour  for  the  8XL 
node.  Reserved  instance  pricing 
lowers  the  effective  price  to 
$0,228  per  hour  or  less  than 
$1,000  per  terabyte  per  year, 
according  to  Amazon. 
tinyurl.com/aaejtds 

ERP  projects:  Still 
hard,  still  prone 
to  disappoint 

ERP  SOFTWARE  project  woes 
continue  to  mount,  according 
to  newly  released  data  from 
Panorama  Consulting.  In  a 
survey  of  172  respondents,  61% 


said  their  ERP  implementations 
took  longer  than  planned  (up 
from  54%  in  2011),  and  60% 
said  they  received  less  than 
half  of  the  expected  benefits 
(compared  to  48%  in  2011).  One 
in  10  respondents  classified  their 
project  as  a  failure.  The  percent¬ 
age  of  respondents  reporting  cost 
overruns  fell  to  53%,  compared  to 
56%  in  2011  and  74%  in  2010. 
tinyurl.com/b7rnheo 

Microsoft  spikes 
Mac  Office  prices 

MICROSOFT  HAS  quietly  raised 
prices  of  Office  for  the  Mac  as 
much  as  17%  and  stopped  selling 
multi-license  packages  of  the 
application  suite.  The  move  puts 
Office  for  Mac  2011  on  the  same 
pricing  schedule  as  the  new 
Office  2013  for  Windows.  The 
price  increases  and  the  disap¬ 
pearance  of  the  multi-license 
bundles  also  makes  Microsoft’s 
Office  365,  a  software-by-sub¬ 
scription  deal  the  company  has 
aggressively  pushed,  more  com¬ 
petitive  with  traditional  “perpet¬ 
ual”  licenses.  The  single-license 
Office  for  Mac  Home  &  Student 
now  costs  $140,  a  17%  increase 
from  the  previous  price  of  $120. 
Office  for  Mac  Home  &  Business, 
an  edition  that  adds  the  Outlook 
email  client  to  Home  &  Student’s 
Excel,  PowerPoint  and  Word, 
runs  $220,  or  10%  higher  than 
the  older  $200  price. 
tinyurl.com/a3qhww3 
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Powering  high-tech  innovation 

with  $1.4  million  in  energy  savings 


PG&E’s  Frank  Arroyo  and  energy  committee  members,  at  storage  device 
manufacturer  HGST,  a  Western  Digital  company,  meet  regularly  to  discuss 
energy-savings  goals  that  help  this  Silicon  Valley  firm  stay  on  the  cutting  edge 


With  two  sites  and  24  buildings,  including  300,000  square  feet  of  energy-intensive 
“clean  rooms"  used  to  manufacture  components,  HGST  has  a  great  motivation 
to  continue  their  long-term  energy  efficiency  strategies.  Since  2005,  the  company 
has  received  $1.36  million*  in  incentives  from  PG&E  for  retrofitting  their  campus 
with  energy-efficient  lighting,  upgrades  for  HVAC  controls,  and  enhancements  to 
many  process  systems. 


Patrick  Bernal 

HGST  San  Jose  Maintenance 
and  Operations  Manager 


San  Jose  Maintenance  and  Operations  Manager  Patrick  Bernal  can  even  control 
air  compressor  and  vacuum  systems  from  his  cellular  phone  for  on-demand  use 
rather  than  running  them  24  hours  a  day.  The  end  result:  teamwork  leads  to 
ongoing  energy  savings  that  make  HGST  more  competitive. 


If  you  would  like  your  business  to  save  more  energy  and  money,  contact  your 
PG&E  Customer  Representative  or  call  1-800-468-4743. 


www.pge.com/htincentives2 


'The  past  five-year  energy  savings  is  based  on  an  estimated  annual  energy 
savings  of  approximately  1,120  kW,  12,625,302  kWh,  and  314,284  therms. 

'PG&E"  refers  to  Pacific  Gas  and  Electric  Company,  a  subsidiary  of  PG&E 
Corporation.  ©2013  Pacific  Gas  and  Electric  Company.  All  rights  reserved 
These  offerings  are  funded  by  California  utility  customers  and  administered 
by  PG&E  underthe  auspices  of  the  California  Public  Utilities  Commission. 


Left  to  right:  Frank  Arroyo,  PG&E 
Customer  Relationship  Manager; 
Patrick  Bernal,  HGST  San  Jose 
Maintenance  and  Operations  Manager 

Below:  Pictured  with  energy  committee 
member  Aasha  Sachdev,  CH2M  HILL 


Working  with  Frank 
as  an  integral  part  of 
our  team  helped  us 
take  full  advantage 
of  the  PG&E  incentive 
programs  available 
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Etsy  s  big  data  brain  trust:  Senior  Software  Engineer 
Steve  Mardenfeld,  left;  Principal  Engineer  Dan  McKinley 
and  Nell  Thomas,  group  manager,  data  analysts,  at  the 
company’s  Brooklyn,  N.Y.,  headquarters.  Also  pictured 
is  McKinley’s  dog,  Dottie  Matrix. 

'PHOTO  BY  ROGER  HAGAOONE 
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f  Hadoop-based 
data  analytics  drives 
success  of  fast-growing 
e-commerce  site 


At  Etsy,  the  online  market¬ 
place  for  handmade  crafts 
and  vintage  items,  the  benefits 
of  big  data  analytics  come  in 
small  packages  —  for  example, 
something  as  simple  as  tweak¬ 
ing  a  “favorite”  button,  which 
lets  visitors  bookmark 
products  they  like. 


“Someone  was  digging  through 
data  and  noticed  that  relatively  few 
people  click  on  [the  ‘favorite’]  but¬ 
ton,  but  of  those  who  do  click  on  it, 
a  pretty  high  percentage  wind  up 
signing  up  for  the  site,”  recalls  Dan 
McKinley,  principal  engineer  and 
five-year  Etsy  veteran.  “So  we  tried 
making  it  more  prominent  for  peo¬ 
ple  who  hadn’t  signed  up  yet.  That 
was  worth  a  few  percentage  points 
of  people  signing  up,  which  in  our 
world  is  a  pretty  huge  increase.” 

Sifting  through  data,  adjusting 
page  elements  and  improving  site 
engagement  is  standard  operat¬ 
ing  procedure  at  Etsy,  which  uses 
an  approach  known  as  continu¬ 
ous  deployment.  Any  of  Etsy’s 
150-plus  engineers  can  deploy 
code  to  the  live  site  at  any  time  — 
and  that  happens  20  to  30  times 
a  day.  (Newly  hired  engineers  are 
encouraged  to  deploy  on  their  first 
day  on  the  job.) 

“With  continuous  deployment, 
we’re  able  to  push  lots  of  small, 
incremental  changes,”  says  Steve 
Mardenfeld,  senior  software  engi¬ 
neer  at  Etsy.  “It’s  the  perfect  vehicle 
for  experiments.” 

Data  provides  the  rationale  for 
these  engineering  experiments  — 
and  Etsy  has  gobs  of  it. 


Page  views 


More  than 
14  million 


have  made 


million  items 
have  been 
sold  since 
Etsy’s  launch 
in  2005. 
Sates 
lumped 
70%  last 
par,  and- 


2011 


2012 


2009 


2010 


Merchandise  sales 


2005  $0.12M 

2006  |  $3.8M 


The  Etsy  way 

More  than  14  million  shoppers  have 
made  purchases  and  100  million 
items  have  been  sold  since  Etsy  was 
founded  in  2005  in  an  apartment 
in  the  Fort  Greene  neighborhood  of 
Brooklyn,  N.Y.  Founder  Rob  Kalin 
came  up  with  the  idea  because  he 
couldn’t  find  a  viable  marketplace  to 
sell  his  photos,  paintings  and  carpentry  prod¬ 
ucts.  He  teamed  with  Chris  Maguire  and  Haim 
Schoppik  to  design,  build  and  launch  the  site. 

Today  Etsy  occupies  a  former  cardboard- 
box  factory  in  an  area  of  the  borough  known 
as  DUMBO  (which  stands  for  Down  Under 
the  Manhattan  Bridge  Overpass).  It’s  a  laid- 
back  environment  where  dogs  roam,  confer¬ 
ence  rooms  are  decorated  with  handcrafted 
pieces  commissioned  from  Etsy  artists,  and 
employees  are  given  a  decorating  budget  to 
trick  out  their  workspaces.  A  staff  lunch  pro¬ 
gram,  known  as  “Eatsy,”  serves  up  free  lunch 
for  employees  three  times  a  week. 

Creativity  is  rampant.  “No  matter  what 
job  you  have  here,  people  are  encouraged 
to  think  creatively  about  how  to  get  things 
done,”  says  Nell  Thomas,  group  manager, 
data  analysts,  at  Etsy. 

At  the  helm  is  Etsy’s  onetime  CTO  Chad 


Dickerson,  who  took  on  the  CEO  role  in 
mid-2011.  The  company  has  nearly  400 
employees,  and  last  year  it  raised  $40  mil¬ 
lion  in  Series  F  venture  financing.  There  are 
800,000  active  sellers  and  40  million-plus 
monthly  visitors  to  the  site.  In  2012,  sales 
jumped  70%  to  $895.1  million,  and  page  views 
climbed  28%  to  16.7  billion. 

With  all  that  activity,  Etsy  generates  enor¬ 
mous  quantities  of  data.  Every  interaction 
with  the  site  —  a  page  view,  a  click,  a  pop-up 
—  is  collected.  “We’re  doing  about  175  million 
events  per  day,  which  amounts  to  roughly  75 
gigabits  of  event  data  that  we  store  per  day,” 
Mardenfeld  says. 

Democratization  of  data 

Data  analysis  is  everywhere  at  Etsy;  it’s  not  the 
domain  of  any  single  group.  “We  try  to  have  it 
be  a  work  in  progress,  be  part  of  the  culture, 


and  be  embedded  throughout  dif¬ 
ferent  parts  of  the  site  and  parts  of 
the  company,”  Thomas  says. 

The  lack  of  centralization  is 
deliberate.  “There’s  less  central 
control,  which  can  mean  more 
opportunity  for  people  to  bite  off 
different  parts  of  the  data  we  have 
and  use  it.  That  can  lead  to  really 
positive  things,  and  it  can  also  be 
a  challenge  in  terms  of  making 
sure  people  understand  the  data 
and  are  making  decisions  based 
on  correct  interpretations,”  says 
Thomas,  who  acts  as  an  ambassa¬ 
dor  between  Etsy’s  data  teams  and 
the  rest  of  the  company. 

“It  might  be  simpler  if  there  were 
one  monolithic  group  that  came 
down  as  the  source  of  data  truth, 
but  it  would  create  a  bottleneck 
and  a  silo  that  wouldn’t  necessar¬ 
ily  help  us  move  quickly  and  use 
data  to  inform  what  we’re  doing.” 

Internally,  data  analysis  is 
incorporated  throughout  the 
product  life  cycle,  helping  devel¬ 
opment  teams  to  design  and  pri¬ 
oritize  site  changes. 

“The  engineers  and  product 
people  who  are  building  features 
on  the  site  are  doing  experimen¬ 
tation,  and  a  majority  of  features 
are  A/B  tested,  so  everybody  in 
those  groups,  to  some  extent,  uses 
big  data  in  order  to  analyze  those 
things,”  McKinley  says. 

“We  also  use  data  to  decide 
what  we’re  going  to  do  going  for¬ 
ward,  working  with  our  product 
road  map,”  Mardenfeld  adds.  “We 
use  it  all  over.  We  use  data  to  make 
sure  that  our  products  are  behav¬ 
ing  the  way  we’re  expecting  them 
to.  We  use  data  to  understand  and  gain  insight 
into  how  people  are  using  the  site,  and  we  use 
it  to  iterate  as  well.  It’s  part  of  all  these  differ¬ 
ent  steps.” 

Sharing  the  data 

With  such  a  massive  volume  of  merchandise 
for  sale,  it’s  a  constant  challenge  to  try  to  make 
sellers’  items  more  discoverable  by  shoppers. 
Etsy  uses  big  data  to  power  the  content  that’s 
being  shown  to  site  visitors  via  its  product 
recommendation  system,  for  example,  and 
search  ranking.  The  clickstream  data  is  pro¬ 
cessed  in  real  time  and  used  to  deliver  rel¬ 
evant  content  to  a  user. 

At  the  feature  level,  big  data  powers  Etsy’s 
Taste  Test,  which  takes  users  through  a 
product  quiz  of  sorts  before  recommending 
products  they  might  like,  and  recommen¬ 
dations  for  visitors  who  come  to  Etsy  via 
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GoToAssist’s  integrated  support 
solutions  give  you  powerful  tools 


www.gotoassist.eom 

GoToAssist 

by  dTRIX 


Google  Product  Listing  Ads. 

“The  way  we  use  the  data  allows 
us  to  differentiate  between  user 
groups  and  helps  optimize  the  expe¬ 
rience  for  buyers  and  for  the  crafters 
and  small  businesses  that  are  trying 
to  sell  their  goods  to  people  around 
the  world,”  Thomas  says. 

Externally,  Etsy  prepares  ana¬ 
lytic  products  for  shop  owners  that 
allow  each  seller  to  see  how  they’re 
doing.  Shop  Stats,  an  analytics  sys¬ 
tem  for  sellers,  shows  what  people 
were  searching  for,  how  they  navi¬ 
gated  to  the  shop  and  how  many 
purchases  were  made,  for  instance. 
In  the  big  picture,  Etsy  publishes  a 
monthly  report  that  shares  over¬ 
all  business  metrics  such  as  total 
goods  sold  by  the  Etsy  community, 
number  of  items  listed,  site  mem¬ 
bership  and  page  views. 


There  are  products  with  a  tech  twist  at 
the  Etsy  store,  such  as  this  “one-of-a-kind 
found  object  robot”  and  this  “heart-shaped 
circuit  board  necklace." 


Hadoop  and  critical  thinkers  . 

Making  data  usable  throughout 
the  company  requires  a  combination  of  peo¬ 
ple  and  technology. 

On  the  people  front,  working  with  data  at 
Etsy  requires  a  blend  of  business,  analytics 
and  engineering  skills. 

“When  we  hire  people  who  we  intend  to 
be  analysts,  we  look  for  qualities  like  critical 
thinking  skills,  skepticism  and  an  ability  to 
think  statistically.  We  expect  that  well  be  able 
to  train  them  in  whatever  programming  lan¬ 
guage  they’ll  need  to  do  their  day-to-day  job,” 
McKinley  says.  “Typically  we’re  hiring  engi¬ 
neers  and  training  them  in  basic  statistics,  or 
we’re  hiring  people  in  statistics  and  training 
them  in  basic  engineering.  The  people  who 
are  awesome  at  both  of  those  things  are  very 
few  and  far  between.” 

On  the  technology  front,  Etsy  uses  a  wide 
range  of  tools.  The  company  collects  trans¬ 
actional  data,  which  is  anything  to  do  with 
products,  listings  and  purchases,  as  well  as 
behavioral  data,  which  includes  any  kind  of 
interaction  that  people  have  while  they’re 
browsing  the  site.  As  site  traffic  has  grown,  so 
have  Etsy’s  analytic  capabilities.  The  e-com¬ 
merce  site  has  beefed  up  its  event-logging 
platforms,  its  analytics  infrastructure  and  its 
presentation  tools. 

Ensuring  data  consistency  and  accuracy 
is  one  of  the  biggest  challenges.  “We’re  mak¬ 
ing  decisions  with  data,  yet  it’s  very  hard  to 
actually  make  sure  that  the  data  is  correct,” 
says  Mardenfeld,  who’s  focused  on  build¬ 
ing  the  infrastructure  that  powers  Etsy’s 
big  data  projects.  “We  put  a  lot  of  work  into 
error  checking,  making  sure  our  collection 
pipelines  are  working.  Data  is  a  little  bit  of  a 
different  beast.  You  can’t  just  get  your  code 


to  compile.  You  have  to  com¬ 
pile  and  also  make  sure  that  it 
makes  sense.  I  think  that’s  the 
hardest  part  about  this.” 

In  terms  of  platforms  and 
tooling,  Hadoop  plays  a  key 
role  in  storing  and  processing 
the  data.  Etsy  runs  dozens  of 
workflows  each  night  on  Ama¬ 


zon’s  cloud-based  Elastic  MapReduce  service. 
Rather  than  keeping  a  single  cluster  running 
continuously,  Etsy  brings  up  a  new  cluster  for 
each  job  so  it  can  tailor  the  number  and  types 
of  instances  to  the  workload. 

“We  have  our  own  custom  event-logging 
frameworks,  and  we  store  all  the  data  in 
[Hadoop  Distributed  File  System  (HDFS)]. 
We  process  the  data  into  ETL  using  a  data 
flow  language  known  as  Cascading,  and  then 
we  push  it  downstream  to  a  data  warehouse, 
which  is  Vertica,”  Mardenfeld  says. 

Etsy  also  uses  Elastic  MapReduce  clusters 
to  analyze  the  data  and  perform  predictive 
analytics.  “Hadoop  is  an  important  part  of  our 
pipeline.  I  don’t  think  we’d  be  able  to  do  any  of 
this  without  it,”  Mardenfeld  says. 

To  digest  the  data,  Etsy  has  built  a  num¬ 
ber  of  homegrown  tools.  “We  write  a  bunch 
of  custom  UIs  for  this,  for  our  internal  tools. 
One  of  them  is  what  we  call  the  A/B  Ana¬ 
lyzer,  which  allows  us  to  easily  do  analysis 
on  experiments  that  we  run.  We  also  have  our 
own  internal  funnel  tool  and  our  own  dash¬ 
board  tool,”  Mardenfeld  says. 

The  homegrown  presentation  tools  make 
it  easier  for  teams  throughout  Etsy  to  access 
and  make  use  of  data  for  experimentation  and 
to  inform  product  development,  even  if  they 


don’t  have  statistical  expertise.  A 
launch  calendar  keeps  track  of  all 
the  current,  active  experiments 
at  Etsy,  and  Etsy  employees  can 
simply  click  on  an  experiment 
and,  using  the  homegrown  dash¬ 
boards,  see  the  results  to  date  of 
that  experiment. 

“We  had  a  lot  of  questions  that 
were  of  the  same  type,  so  we’ve 
generalized  those  so  it’s  easy  for 
people  to  get  the  answers  to  those 
questions  without  doing  a  lot  of 
work,”  Mardenfeld  says.  “For  more 
custom  questions,  you  can  answer 
questions  in  Vertica,  you  can  use 
SQL,  and  for  more  in-depth  data 
mining  and  analysis  and  building 
products,  then  you  can  jump  down 
to  writing  things  in  MapReduce 
and  Cascading.” 

Big  data,  little  changes 

Etsy’s  continuous  deployment 
approach  sets  up  an  ideal  sce¬ 
nario  for  tying  single,  isolated  site 
changes  to  experiments,  and  it 
makes  it  easy  to  identify  the  culprit 
if  a  code  change  causes  problems. 

“When  you  make  multiple 
changes  to  a  site  or  a  page,  it’s  hard 
to  figure  out  what’s  not  working 
the  way  you  want  it  to,”  Marden¬ 
feld  says.  “When  you  change  one 
thing  at  a  time,  you’re  able  to  see  where  you 
went  down  the  wrong  path  and  can  backtrack 
very  easily.” 

Another  benefit  of  continuous  deploy¬ 
ment  is  the  ability  to  pull  the  plug  on  a  code 
change  that  didn’t  live  up  to  expectations. 
“We’re  more  likely,  we  think,  to  notice  that 
we’re  doing  something  that’s  bad  and  to  stop,” 
McKinley  says.  “Whereas  operationally  and 
emotionally,  if  you  work  on  something  for 
many  months  and  then  release  it,  there’s 
nothing  that  will  stop  you  from  releasing  it 
because  you’re  invested  in  it.” 

Most  often,  the  changes  yield  modest  gains 
with  minimal  impact  —  and  that’s  the  plan. 
“We’re  playing  with  people’s  livelihoods 
here,  so  it  behooves  us  to  be  very  careful,” 
McKinley  says. 

Being  able  to  improve  business  for  the 
800,000  craftspeople  and  small  business 
owners  that  enable  Etsy’s  existence  is  a  moti¬ 
vator  for  employees. 

“It  feels  really  good  at  Etsy  to  be  optimizing 
something  that’s  not  just  about  a  corpora¬ 
tion’s  bottom  line,”  Thomas  says.  “The  work 
we’re  doing,  the  ways  that  we’re  looking  at 
data  and  using  it  to  make  things  better,  is  all 
about  helping  the  sellers  on  Etsy  to  be  more 
successful.”  ■ 
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Introducing  the  Dell  SonicWALL  SuperMassive  9000  Series 


Every  day  your  network  is  asked  to  do  more.  Carry  more  traffic.  Ward  off  more  sophisticated  threats.  Meet  the  challenge 
with  the  new  DeU'u  SonicWALL'"  SuperMassive'"  9000  Series,- a  Next-Generation  Firewall  that  examines  every  packet  without 
compromising  network  performance. 


The  SuperMassive  platform  was  engineered  to  address  the  security  and  high  performance  demands  of  carriers  and  service 
providers.  The  new  Dell  SonicWALL  SuperMassive  9000  Series  offers  that  same  high  level  of  protection  and  performance  to 
the  enterprise  in  an  elegant  one- rack  appliance  that  saves  space,  power,  and  cooling  costs. 


sonicwall.com/SuperMassive9000 


The  power  to  do  more 


trademark oif  Pell  Inc.  and  an  othvr  Del!  SoucWall  pcduct  •?' 


P""  f - 

;  .T  ■  j 

ippr*-- 

A' 

M  1  I 

r‘  1 

le-J 

ftft  "'T:  -1 : 

P 

.  i 

■ 

Ha 

'K’Xffid 

TREND  ANALYSIS 


Cisco’s  small-cell  move  expands  mobile  nets 

The  company  will  show  off  its  first  licensed  small  cells  along  with  services  software 


BY  STEPHEN  LAWSON, 

IDG  NEWS  SERVICE 

CISCO’S  LONG-ANTICIPATED  entry  into 
cellular  base  stations  will  come  at  Mobile 
World  Congress  this  week,  along  with  the 
company’s  familiar  promise  of  an  end-to-end 
architecture. 

Having  the  dominant  vendor  of  Wi-Fi  gear 
in  the  cellular  RAN  (radio  access  network) 
business  may  help  to  fuse  the  two  technolo¬ 
gies  into  a  powerful  combination  that  boosts 
mobile  speeds.  But  Cisco’s  more  likely  to 
affect  indoor  cells  than  those  outdoors,  where 
makers  of  long-range  “macro”  radios  are 
already  well  established  and  pushing  smaller 
cells  of  their  own,  industry  analysts  say. 

Cisco’s  recent  announcement  of  small  cells 
and  an  outdoor  backhaul  platform,  just  in 
time  for  MWC,  came  after  a  long,  slow  climb 
toward  the  licensed  RAN  market  in  which  the 
company  introduced  just  about  everything 
short  of  a  cell.  In  addition  to  gear  for  the  cores 
and  edges  of  mobile  carrier  networks,  Cisco 
has  been  selling  carrier  Wi-Fi  access  points, 
including  ones  with  slots  to  add  cellular 
radios,  and  partnered  with  startup  ip.access 
on  home  femtocells.  Now  it’s  finally  adding 
cells  themselves,  though  not  the  type  that  go 
in  towers. 

Not  just  a  formula  to  generate  more  profit 
for  Cisco,  the  company’s  entry  is  part  of  a 
trend  that  came  into  the  spotlight  a  year  ago 
with  mobile  giant  Ericsson’s  acquisition  of 
carrier  Wi-Fi  vendor  Bel  Air  Networks,  Yan¬ 
kee  Group  analyst  Ken  Rehbehn  said. 

“This  is  a  natural  next  step,”  Rehbehn  says. 
“It  gives  the  operators  a  choice.  It  gives  Cisco 
an  opportunity  to  leverage  something  that 
they  are  very  strong  at,  which  is  excellent 
Wi-Fi  capabilities  for  network  operators.” 

Cisco  will  introduce  a  standalone  3G 
small  cell,  a  3G  module  that  can  be  added  to 
its  carrier  Wi-Fi  access  points,  and  a  back¬ 
haul  router  that’s  designed  for  use  outdoors 
in  combination  with  public  small  cells.  It’s 
also  announcing  Cisco  Quantum,  a  software 
architecture  that’s  designed  to  let  carriers 
get  better  performance  out  of  their  networks 
and  present  new  types  of  services  and  offers 
based  on  real-time  network  data. 

Some  carriers  have  been  using  Wi-Fi  for 
years  to  take  mobile  data  traffic  off  their 
scarce  licensed  spectrum  and  offer  subscrib¬ 
ers  higher  speeds  in  crowded  places  such 
as  coffee  shops  and  arenas.  Small  cells  are 
designed  to  do  a  similar  thing  in  a  different 


way  with  a  carrier’s  own  licensed  spectrum, 
reusing  in  a  small  area  the  frequencies  that 
already  travel  from  cell  towers  across  a  whole 
neighborhood. 

Rather  than  dive  in  at  the  deep  end  of  the 
market  with  small  cells  for  public,  outdoor 
use,  Cisco  is  wading  in  around  enterprises, 
an  area  it  knows  well.  Both  of  the  cells  it’s 
announcing  this  week  are  designed  to  work 
in  tandem  with  its  Wi-Fi  gear  in  enterprises. 
They’ll  give  users  another  option  for  con¬ 
nectivity  that  they  may  need  based  on  what 
device  they’re  using  and  what  kind  of  radio 
spectrum  is  available,  according  to  Cisco. 

“It  will  speed  the  deployment  of  the  small 
cells  in  cases  where  there’s  Wi-Fi,”  Rehbehn 
says.  In  that  sense,  Cisco’s  move  into  licensed- 
spectrum  small  cells  is  just  an  expansion  of 
its  efforts  at  extending  mobile  networks  with 
Wi-Fi,  rather  than  a  head-on  challenge  to  the 
cell  establishment. 

Outside  of  enterprises,  restaurants,  stadi¬ 
ums  and  other  closed  areas,  small  cells  are 
likely  to  carry  the  same  brands  as  the  big 
base  stations  on  nearby  towers,  Rehbehn 
says. 

“It  remains  to  be  seen  how  effectively 
[Cisco]  can  go  head-to-head  with  the  larger 
OEMs  that  own  the  vast  majority  of  footprint 
with  the  mobile  operators,”  he  says. 

He  says  the  main  reason  for  this  is  techni¬ 
cal  because  macro  cells  transmit  throughout 
the  pockets  of  space  served  by  outdoor  small 
cells,  preventing  the  two  types  of  networks 
from  interfering  with  each  other  is  a  major 
challenge.  Though  there  are  standards  for 
doing  this  across  vendors,  most  mobile  opera¬ 
tors  will  stick  with  one  supplier  just  to  be  safe, 
Rehbehn  believes. 

And  Cisco,  true  to  the  words  of  CEO  John 
Chambers  last  November,  will  draw  the  line 
at  building  small  cells,  analysts  say.  “It  would 
be  a  fool’s  errand  for  them  to  make  macros” 
because  that’s  a  mature  and  slow-growing 
business  compared  with  small  cells,  Rehbehn 
says.  By  contrast,  Cisco  sees  Wi-Fi  as  the  lead¬ 
ing  edge  of  carrier  networks.  For  at  least  two 
quarters,  its  carrier  Wi-Fi  sales  have  doubled 
from  their  year-earlier  pace. 

However,  Cisco  thinks  it’s  destined  for 
more  than  leading  the  mobile  world  into  the 
Wi-Fi  era.  With  many  of  its  routers  deployed 
in  the  cores  of  mobile  networks,  and  a  grow¬ 
ing  stable  of  technologies  for  managing  sys¬ 
tems  throughout  a  carrier’s  infrastructure, 
Cisco  says  it  can  make  every  subscriber’s 
mobile  experience  better. 


Over  the  past  18  months,  Cisco  has  spent 
$1.5  billion  on  acquisitions  to  help  build  up 
the  technology  that’s  going  into  Cisco  Quan¬ 
tum,  says  Shailesh  Shukla,  vice  president  and 
general  manager  of  the  software  and  applica¬ 
tions  group  in  Cisco’s  Service  Provider  Mobil¬ 
ity  division.  The  result  will  be  an  architecture 
that  stretches  from  the  wireless  edge  of  the 
network  into  the  wired  core. 

The  software  will  be  able  to  analyze  data 
about  what’s  happening  on  the  network  in 
real  time  so  carriers  and  other  companies 
can  take  advantage  of  it,  Shukla  says.  Among 
other  things,  carriers  or  content  providers 
could  sponsor  extra  data  for  their  subscribers 
when  they  are  about  to  go  over  their  monthly 
caps.  But  Quantum  will  also  be  good  for 
overall  performance  improvements,  such  as 
ensuring  a  stadium  network  keeps  up  with 
demand  as  thousands  of  spectators  stream 
in,  he  says. 

Last  week,  Cisco  announced  that  Vodafone 
Netherlands  has  deployed  a  component  of 
Quantum  to  enable  application-level  usage 
controls  for  enterprise  customers,  among 
other  things. 

A  network-spanning  architecture  is  key 
to  making  those  visions  into  reality,  accord¬ 
ing  to  Cisco.  “You  can’t  do  this  in  piece  parts,” 
Shukla  says. 

Cisco  won’t  be  the  only  RAN  vendor  with 
its  own  wired-network  components.  Alca¬ 
tel-Lucent  has  been  taking  market  share 
from  Cisco  with  its  7750  SR  edge  router,  and 
Ericsson  is  also  inching  into  this  area  with 
its  Smart  Services  Router  line,  Yankee’s 
Rehbehn  says.  But  as  they  quickly  move 
from  traditional  telecom  infrastructure  to 
Internet  Protocol,  carriers  are  undergoing  a 
sea  change  that  could  help  to  lift  Cisco,  Reh¬ 
behn  says. 

“Operators  may  begin  to  look  very  care¬ 
fully  at  the  evolution  of  their  core  network,” 
Rehbehn  says.  ■ 


©  IT  Roadmap  Chicago  is  where 
IT  leaders  will  come  to  explore 
high-priority  IT  issues  -  and  learn 
how  to  meet  today's  requirements 
for  anytime,  anywhere  business 
interactions.  Attend  this  free  day 
(registration  is  required)  on  March 
12  at  the  Donald  Stevens  Conven¬ 
tion  Center,  tinyurl.com/y8s3k22 
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Network  World's  forum  on  Linkedln  is  the  place  for 
network  and  IT  professionals  to  offer  each  other  advice 
and  discuss  the  networking  news  of  the  day.  Network 
World  editors  are  on  hand  to  ensure  that  the  group 
remains  free  of  spam  and  vendor  spin,  and  to  give  their 
take  on  what's  important  in  networking.  Occasionally, 
they'll  poll  the  group  on  controversial  issues  and  you 
can  make  your  voice  heard. 

Ask  a  question.  Post  a  job  listing.  Connect  with 
peers.  Join  Today! 
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Cisco,  Avaya  feel  the  heat  from  Microsoft  Lync 


BYTIM  GREENE 

IT  SEEMS  Microsoft’s  unified  communica¬ 
tions  system,  Lync,  is  becoming  so  popular 
among  businesses  that  it  is  now  the  No.  1 
threat  to  the  top  vendors,  Cisco  and  Avaya. 
Cisco  this  week  launched  an  online  blogging 
campaign  to  point  out  Lync’s  shortcomings, 
and  Avaya  volunteered  a  nearly  identical  list 
of  what  it  perceives  as  Lync  limitations. 

The  fighting  words  started  on  the  eve  of 
Microsoft’s  first  Lync  Conference  last  Tues¬ 
day,  at  which  the  company  announced  a  com¬ 
bination  of  upgrades  and  road  map  destina¬ 
tions  that  address  some  of  the  issues  raised 
by  its  competitors. 

“The  Microsoft  threat  is  top  of  line  for  both 
of  these  companies  right  now,”  says  Irwin 
Lazar,  an  analyst  with  Nemertes  Research, 
which  has  been  closely  tracking  the  market 
(see  graphic,  right). 

While  their  circumstances  are  different, 
Cisco  and  Avaya  have  reason  to  worry.  “Cisco 
customers  are  more  reluctant  to  move  [to 
Lync]  because  [Cisco  UC]  is  a  more  recent 
investment,”  Lazar  says.  “Avaya  customers 
are  a  little  more  open  [to  the  change].  They 
have  [invested  in]  just  voice  and  maybe  a  con¬ 
tact  center.  Microsoft  is  a  huge  threat  for  both 
companies.” 

In  launching  what  it  describes  as  both  a 
conversation  and  a  debate,  Cisco  outlined 
what  it  sees  as  Lync  limitations. 

It  says  Microsoft  doesn’t  provide  phones, 
video  endpoints,  voice  and  video  gateways, 
networking  and  cloud  PSTN  connections  — 
leaving  customers  to  find  them  elsewhere, 
increasing  cost  and  complexity  to  implement, 
manage  and  troubleshoot  Lync  installations. 

Cisco  says  Microsoft  has  no  clear  path  for 
Lync  cloud  deployments  that  support  the 
same  functionality  as  on-site  deployments. 

Microsoft’s  Surface  tablets  and  laptops 
compete  against  other  hardware  vendors, 
Cisco  says,  which  poses  a  conflict  of  interest 
when  it  comes  to  supporting  bring-your-own- 
device  programs.  Microsoft  might  restrict 
full  Lync  features  to  Microsoft  devices  rather 
than  making  them  all  available  to  all  devices. 

Cisco  faults  Microsoft  for  not  supplying  all 
the  infrastructure  elements  needed  to  sup¬ 
port  unified  communications  and  collabora¬ 
tion.  This  means  involving  integrators. 

Cisco  also  attacks  what  it  interprets  as 
Microsoft’s  strategy  for  Skype.  It  says  in  the 
white  paper  that  Skype  will  evolve  to  run  bet¬ 
ter  on  Microsoft’s  own  software  platforms 
than  on  others,  at  least  according  to  this  state¬ 
ment  from  CEO  Steve  Ballmer:  “We  always 


Lync  grows  in  popularity 
despite  higher  total  cost 

In  2001  and  2012  Nemertes  Research  asked 
businesses  whether  they  were  using  Lync  or  had  firm 
plans  to  do  so.  Those  responding  “yes"  jumped  from 
4.9%  in  2011  to  11.2%  in  2012. 


Microsoft  Lync  as  IP  Telephony 
Replacement  Adoption 
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Meanwhile, 

Nemertes  says  Lync's  total  first-year  average  cost  per 
endpoint  is  the  highest  among  top  vendors: 


NEC 

ShoreTel 

Cisco 

Avaya 

Alcatel-Lucent 

Siemens 

Microsoft 


want  Skype  to  be  first  and  best  on  Windows.” 

For  its  part,  Avaya  raises  these  issues  plus 
a  few  more.  It  questions  whether  Lync  is  resil¬ 
ient  enough  to  provide  99.999%  uptime  for 
telephony  services,  long  the  industry  stan¬ 
dard  among  telecom  carriers,  says  Vincenzo 
Signore,  VP  of  Marketing  at  Avaya. 

He  says  Microsoft’s  video  collaboration 
in  Lync  won’t  support  as  many  on-screen 
images  of  other  participants  as  Avaya’s  Aura 
platform,  and  that  requiring  longer  contract 
commitments  for  enterprise  support  may 
force  businesses  to  be  locked  in  to  Microsoft. 

Signore  cites  a  Nemertes  study  that  finds 
Lync’s  first-year  total  costs  are  higher  than 
those  for  any  of  the  top  contenders.  While  Lync 
client  access  licenses  may  be  inexpensive,  capi¬ 
tal,  implementation  and  operational  costs  jack 
up  the  price. 

In  presentations  at  Lync  Conference  2013 
Microsoft  executives  made  announcements 
that  address  some  of  these  concerns.  “Micro¬ 
soft  filled  some  major  holes,”  Lazar  says. 

The  most  gaping  of  these  is  a  lack  of 


broad  support  for  mobile  devices.  Microsoft 
announced  support  for  voice  and  video  over 
iPhones  and  Android  devices,  as  well  as  the 
capability  to  handle  voice  over  Wi-Fi,  Lazar 
says,  along  with  administration  tools  to  use 
Wi-Fi  when  available  versus  cellular  connec¬ 
tions  as  a  cost  saving  measure.  “That  takes 
away  one  Cisco  line  of  attack  —  ‘Good  luck 
using  Lync  on  an  iPad,”’  Lazar  says. 

Microsoft  needed  a  Web  client  that  lets  Mac 
devices  participate  in  meetings,  and  having 
one  takes  a  good  talking  point  away  from 
Cisco  and  other  competitors,  Lazar  says. 

Skype  integration  with  Lync  for  voice 
calls  and  a  promise  to  include  video  calls  are 
attractive  to  business  users,  Lazar  says.  Skype 
remains  an  annoyance  to  Cisco,  Avaya,  IBM 
and  others  because  their  VoIP  platforms  are 
not  integrated  with  it.  That’s  significant  to 
businesses  in  which  Skype  has  become  a  stan¬ 
dard  for  business  communication,  he  says. 

Microsoft  says  it  will  integrate  Lync  fully 
with  Office  365,  its  cloud  application  service, 
which  would  address  another  of  Cisco’s  criti¬ 
cisms.  But  Lazar  says  this  has  been  promised 
before,  so  keep  an  eye  on  whether  it’s  delivered. 

Lync  does  lack  a  collaboration  vision, 
Lazar  says,  in  which  Lync  is  integrated  with 
other  Microsoft  platforms  such  as  SharePoint 
and  Yammer.  But  Microsoft  seems  willing  to 
forgo  that  and  remain  focused  on  competing 
for  enterprise  voice  business.  “They  think 
that’s  where  their  win  is,”  he  says 

Lync’s  attractiveness  breaks  down  when 
it  comes  to  mobile  devices  because  it  lacks 
a  unified  client.  Customers  with  an  Avaya 
mobile  client  but  a  Lync  IM  client  force  end 
users  into  switching  among  separate  applica¬ 
tions  when  they  want  to  shift  from  one  mode 
of  communication  to  the  other,  Lazar  says. 
“That’s  not  really  user-friendly.” 

Despite  the  announcements,  Lync  installa¬ 
tions  still  require  three  to  five  other  vendors 
to  supply  phones,  video  gear,  client  gateways, 
session  border  controllers,  contact  center 
software  and  the  like.  It  calls  into  question 
whom  to  choose  as  a  professional  services 
partner,  how  to  get  a  clear  picture  of  upgrade 
paths  and  who  to  blame  when  problems  arise. 

The  advice  Lazar  gives  to  his  enterprise 
clients  is  to  seek  a  holistic  answer  to  unified 
communications  problems  that  can  provide 
a  seamless  user  experience  —  one  that  sup¬ 
ports  all  modes  of  communication  readily. 

Microsoft  has  been  extremely  aggressive, 
pushing  hard  for  customers  that  use  Lync  for 
instant  messaging  to  adopt  it  for  voice  as  well. 
“It  just  makes  sense  to  ask,  ‘Could  this  be  my 
voice  platform,  too?”’  he  says.  ■ 
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TREND  ANALYSIS 


Internet  Explorer  only?  IE  doubt  it 


Neck  and  neck 

Internet  Explorer  is  getting  a  strong  push 
from  Google’s  Chrome  for  the  top  browser. 


0%  8%  16%  24%  32% 


BY  JON  GOLD 

JUST  AS  Internet  users  in  general 
have  defected  in  huge  numbers 
from  Microsoft  Internet  Explorer 
over  the  past  several  years,  the 
business  world,  as  well,  is  becom- 

IE 

ing  less  dependent  on  the  vener- 

able  browser. 

Companies  that  used  to  man- 

Chrome 

date  the  use  of  IE  for  access  to 
Web  resources  are  beginning  to 

Firefox 

embrace  a  far  more  heterodox  atti¬ 
tude  toward  Web  browsers.  While 

Safari 

IE6  hasn’t  gone  away,  the  experi- 

Opera 

ence  of  having  to  use  it  to  access 
some  legacy  in-house  Web  app  is 
becoming  less  common. 

Other 

“Things  have  changed  a  lot  in 
the  last  three  years,  and  I  think  a  lot 
of  it  has  to  do  with  the  emergence 
of  the  modern  Web  and  the  popu¬ 
larity  of  mobile.  They  have  made 
it  very  different  for  companies  to 
truly  standardize  on  a  browser,”  says  Gartner 
Research  analyst  David  Mitchell  Smith. 

One  example  of  the  changing  face  of  busi¬ 
ness  browser  use  is  SquareTwo  Financial,  a 
Denver-based  financial  services  company 
that  works  primarily  in  distressed  asset 
management.  The  firm’s  280  employees 
handle  both  consumer  and  commercial  busi¬ 
ness,  buying  and  selling  debt,  and  a  franchise 
program  means  that  there  are  upwards  of 
1,500  more  people  working  at  SquareTwo 
affiliates.  According  to  CTO  Chris  Reigrut, 
the  company  takes  in  roughly  $280  million 
in  annual  revenue. 

“In  addition  to  buying  and  selling  debt,  we 
also  provide  a  software-as-a-service  platform 
that  our  franchises  (and  we)  use  to  actually 
negotiate  and  litigate  the  debt,”  he  tells  Net¬ 
work  World. 

SquareTwo  hasn’t  needed  to  standard¬ 
ize,  he  says,  because  keeping  its  offerings 
diverse  is  part  of  the  idea  —  the  company’s 
various  online  resources  all  have  differing 
requirements. 

“We  do  distribute  Firefox  on  Windows 
systems  —  however,  Safari  and  IE  are  both 
frequently  used.  Our  internal  wiki  is  only 
officially  supported  on  Firefox  and  Safari. 
Our  SaaS  ‘client’  is  a  prepackaged  Firefox 
install  so  that  it  looks  more  like  a  traditional 
thick-client  application.  Most  of  our  employ¬ 
ees  use  their  browser  for  a  couple  of  internal 
systems,  as  well  as  several  external  services 
(i.e.,  HR,  training,  etc.),”  says  Reigrut  (who. 
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like  the  other  IT  pros  quoted  in  this  story,  is 
a  member  of  the  CIO  Executive  Council  Path¬ 
ways  program  for  leadership  development). 

The  Microsoft  faithful,  however,  are  still 
out  there.  Many  businesses  have  chosen 
to  remain  standardized  on  IE,  for  several 
reasons.  The  Hospital  for  Sick  Children 
(SickKids),  a  children’s  research  hospital 
in  Toronto,  sticks  with  Microsoft’s  browser 
mostly  for  the  ease  of  applying  updates. 

“We  have  more  than  7,000  endpoint 
devices.  Most  of  those  devices  are  Win¬ 
dows  workstations  and  Internet  Explorer  is 
included  as  part  of  the  Microsoft  Windows 
operating  system.  As  such,  this  makes  it 
easier  and  integrates  well  with  our  solution 
to  manage  and  deploy  upgrades,  patches  and 
hot  fixes  to  the  OS,  including  IE,”  says  Imple¬ 
mentations  Director  Peter  Parsan. 

‘IE  is  more  than  a  browser’ 

“Internet  Explorer  is  more  than  a  browser,  it 
is  the  foundation  for  Internet  functionality  in 
Windows,”  he  adds. 

The  complexity  of  managing  an  ecosystem 
with  more  than  100  types  of  software  —  run¬ 
ning  the  gamut  from  productivity  applica¬ 
tions  to  clinical  programs  —  requires  a  heav¬ 
ily  controlled  approach,  according  to  Parsan. 

Smith  agrees  that  IE  still  has  its  advan¬ 
tages  for  business  users  that  want  just 
such  a  strictly  regimented  technology 
infrastructure. 

“If  you  want  a  managed,  traditional  IT 


environment ...  really,  your  only 
option  is  Internet  Explorer,”  he 
says,  adding  that  both  Firefox  and 
Chrome  lag  behind  IE  in  terms  of 
effective  centralized  management 
tools. 

Some  companies,  however,  have 
gone  a  different  way  —  standard¬ 
izing  not  on  IE,  but  on  a  competing 
browser. 

Elliot  Tally,  senior  director  of 
enterprise  apps  for  electronics 
manufacturer  Sanmina,  says  his 
company’s  employees  are  highly 
dependent  on  browsers  for  busi¬ 
ness-critical  activities.  Everything 
from  ERP  to  document  control 
(which  he  notes  is  “big  for  a  manu¬ 
facturing  company”)  to  the  supply 
chain  is  run  from  a  Web  app. 

Tally  says  Sanmina  made  the 
move  to  standardize  on  Chrome  in 
2009,  in  part  because  of  a  simulta¬ 
neous  switch  to  Gmail  and  Google 
Apps  from  IE  and  Microsoft  products. 

“It  made  sense  to  go  with  the  browser  cre¬ 
ated  and  supported  by  the  company  that 
created  the  apps  we  rely  on.  Also,  Chrome 
installs  in  user  space  so  it  doesn’t  require 
admin  privileges  to  auto-update,”  he  says. 
“It  also  silently  auto-updates,  as  opposed 
to  Firefox,  which  requires  a  fresh  install 
to  update  versions,  or  IE,  which  is  similar. 
Chrome,  over  the  last  year  or  so,  has  sup¬ 
ported  Web  standards  better  than  any  other 
browser,  and  (until  recently)  has  offered  sig¬ 
nificantly  better  performance.” 

Plainly,  broad  diversity  exists  both  in  the 
actual  browsers  used  by  workers  and  the 
approaches  businesses  have  taken  in  manag¬ 
ing  their  use. 

That  diversity,  says  Smith,  is  the  reason 
Gartner  has  been  advising  clients  against 
standardization  from  the  outset. 

“Standardize  on  standards,  not  browsers,” 
he  urges.  "That  was  a  controversial  position 
for  10  years.  People  really  didn’t  agree  with 
it,  they  didn’t  listen  to  it,  and  they  paid  the 
price.” 

Microsoft,  as  well,  has  had  to  pay  a  price. 

“(Standardization]  hurts  Microsoft’s  repu¬ 
tation  as  an  innovator,  as  a  forward-thinker,” 
he  says.  “When  people’s  impression  of 
using  Microsoft  technology  —  whether  it’s  a 
browser,  whether  it’s  an  operating  system  — 
is  something  that  is  two  or  three  versions  old, 
because  they’re  dealing  with  it  through  what 
enterprises  want.”  ■ 
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HP  Converged 
infrastructure 
and  the  Cloud 

The  essential  foundation  for  any  cloud  deployment 


Duncan  Campbell  is  the  leader  of 
the  Enterprise  Group  Solutions  Mar¬ 
keting  team.  In  this  role,  Campbell 
is  responsible  for  the  Marketing 
Strategy  and  the  Solutions  content 
development  for  HP  Converged 
infrastructure.  Application  Transfor¬ 
mation,  information  Optimization, 
Security  and  Risk  Management,  Mobility  and  SMB.  Campbell 
brings  more  than  25  years  of  enterprise  and  midmarket  market¬ 
ing  experience  to  this  leadership  team. 


Duncan  Campbell 

VP  OF  MARKETING,  HP  CONVERGED 
INFRASTRUCTURE 
HEWLETT-PACKARD  COMPANY 


Duncan  Campbell,  vice  president  of 
worldwide  marketing  for  converged  infra¬ 
structure  at  HP  Enterprise  Group,  shares 
with  Computerworld  his  insights  on  the 
HP  Converged  Infrastructure. 

IT  increasingly  views  the  cloud  as  a  stra¬ 
tegic  business  enabler.  How  is  HP  help¬ 
ing  IT  departments  reach  their  cloud 
goals  more  safely,  quickly,  and  easily? 

To  truly  deliver  on  the  “services  any¬ 
where”  promise,  organizations  must  think 
differently  about  IT.  Successful  organi¬ 
zations  create  the  right  mix  of  on-  and 
off-premise  services  by  leveraging  the  best 
of  traditional  IT,  private,  managed,  and 
public  cloud  for  a  seamless  infrastructure 
experience. 

Recognizing  that  one  size  does  not  fit  all 
when  it  comes  to  cloud  adoption  is  crucial. 
To  make  the  process  easier,  faster,  and 
safer,  we  must  acknowledge  that  different 
customers  require  different  on-ramps  and 
delivery  models. 

HP  fully  understands  this.  That’s  why 
earlier  this  year  we  introduced  the  HP 
Converged  Cloud  approach  and  portfolio, 
which  delivers  solutions  based  on  a  single 
common  architecture  and  open-standards 
approach.  It  gives  customers  choice,  con¬ 
sistency,  and  confidence  across  infrastruc¬ 
ture,  applications,  and  information. 

What  is  the  relationship  between 
the  Converged  Infrastructure  and 

the  Cloud? 

The  HP  Converged  Infrastructure  helps 
IT  enable  business  success  by  accelerat¬ 
ing  the  time-to-value  of  applications  and 
services.  This  can  only  be  achieved  with  an 
infrastructure  or  data  center  that  is  simpler, 
more  flexible,  more  efficient,  and  less  ex¬ 


pensive  to  operate.  The  infrastructure  also 
needs  to  be  cloud-ready. 

That’s  exactly  what  the  HP  Converged 
Infrastructure  delivers.  Organizations  can 
build,  secure,  and  manage  their  cloud  en¬ 
vironments,  and  utilize  off-premise  cloud 
services  or  access  services  when  needed. 
This  type  of  broad  portfolio  of  integrated 
software  and  hardware  solutions  and 
services  lets  our  customers  fast-track  to  the 
cloud— in  as  little  as  one  month— or  take  a 
step-by-step  approach,  expanding  into  the 
cloud  when  their  processes,  organizations, 
and  governance  are  ready.  The  HP  Con¬ 
verged  Infrastructure,  powered  by  Intel,  is 
the  essential  foundation  for  IT  today  and 
into  the  future. 

Why  is  a  Converged  Infrastructure 
critical  for  IT  and  the  business? 

Organizations  need  the  best  infrastructure 
possible  to  compete  and  grow  in  today’s 
fast-paced,  mobile  business  world.  But 
aging  infrastructures  and  facilities  are 
limiting  business  agility  and  draining  IT 
budgets. 

Most  customers  tell  me  the  same  story: 
Their  IT  infrastructure  is  too  complex,  too 
costly  to  operate,  and  too  slow  to  respond 
to  business  needs.  What  I  hear  is  sup¬ 
ported  by  research  findings.  Organizations 
now  spend  upwards  of  70  percent  of  their 
IT  resources  on  operations  and  activities 
that  keep  the  lights  on,  as  it  were,  when 
what  they  should  be  spending  it  on  is 
innovation. 

What  differentiates  the  HP  Converged 
Infrastructure  and  cloud  approach? 

There  are  three  huge  differentiators. 

First,  HP  solutions  are  designed  upfront 
with  convergence  in  mind.  Our  R&D 


teams  develop  products  and  integrated  so¬ 
lutions  across  all  key  areas  of  IT  infrastruc¬ 
ture-servers,  storage,  networking,  data 
center  design,  and  IT  management. 

Second,  our  solutions  are  open,  not 
closed.  Our  modular  building-block  ap¬ 
proach  enables  flexibility  and  portability 
across  deployment  models,  which  is  criti¬ 
cal  for  cloud  solutions  that  must  extend 
across  infrastructure,  applications,  and 
information.  We  listen  and  don’t  dictate  to 
our  customers  choices  on  operating  sys¬ 
tems  and  hypervisors.  We’ve  built  our  HP 
Converged  Infrastructure  and  Converged 
Cloud  architecture  with  our  partners  in 
mind,  which  enables  us  to  leverage  an  al¬ 
ready  second-to-none  partner  ecosystem, 
and  train  and  deliver  the  broadest  set  of 
solutions  in  the  industry. 

Third,  as  a  trusted  technology  advisor, 
HP  brings  decades  of  proven,  reliable 
experience  helping  customers  meet  their 
most  demanding  data  center  challenges. 
It’s  our  vision  and  execution  that  gives  cus¬ 
tomers  around  the  world  the  confidence 
that  HP  is  the  right  partner  for  success. 

Please  call  HP  or  your  certified  channel 
partner  to  learn  more  what  we  can  do  to 
help  you  accelerate  IT  for  better  business 
results.  Brought  to  you  by  HP  and  Intel® 


FOR  MORE  INFORMATION:  Visit 

www.convergedinfrastructure.com 

NETWORKWORLD 

Custom  Solutions  Group 


Intel  and  the  Intel  logo  are  trademarks  of  Intel  Corporation  in  the  U.S.  and/or  other  countries. 


Take  your  big 
ideas  off  the 
back  burner. 

With  HP  Converged  Infrastructure  solutions  powered  by  Intel®,  you  can  spend 
over  70%  of  your  time  and  IT  budget  on  innovation  rather  than  operations.* 

Servers,  storage,  networking,  security,  and  management  software  all  work 
together  to  accelerate  IT,  reduce  application  provisioning  time  by  75%,  and  get 
you  ready  for  the  cloud.*  So  now  you  can  spend  more  time  on  your  big  ideas. 

The  power  of  HP  Converged  Infrastructure  is  here. 


Shift  70%  of  your  time  and  budget 
towards  innovation.  Learn  more 

at  convergedinfrastructure.com 
or  scan  the  QR  code. 
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TOOLS 

Mobility,  portability  and  applications 


f  there  are  two  terms  that  define  what  is 
driving  computing  today  they’re  mobility 
and  portability.  We  want  to  be  able  to  run 
whatever  we  want  anywhere  and  on  any¬ 
thing.  For  example,  here  in  Gearhead  last 
week  (tinyurl.com/ajgtchk)  I  looked  at  a  new 
product  that  allows  you  to  run  Android  apps 
on  Windows  and  OS  X  and,  the  vendor  claims, 
eventually  Windows  on  Android! 


I  w 

Mark  Gibbs’ Gearhead 


I  must  digress  for  a  moment  and  point 
out  that  even  app  development  tools  have 
become  capable  of  generating  code  that  rede¬ 
fines  what  it  means  to  be  portable.  LiveCode, 
a  programming  system  I  much  admire  that’s 
published  by  RunRev  (I  covered  this  com¬ 
pany  several  years  ago  when  the  language 
was  called  Runtime  Revolution),  not  only 
enables  rapid  application  development  in 
more-or-less  plain  English,  it  also  allows  you 
to  build  for  iOS,  Android,  OS  X,  Windows 
and  Linux ...  all  from  the  same  development 
system. 

RunRev  recently  started  a  Kickstarter 
campaign  (tinyurl.com/b26zgpt)  to  turn 
LiveCode  loose  as  open  source  and  make  the 
system  free  to  educational  users.  This  could 
be  huge,  but  the  campaign  needs  your  back¬ 
ing  ...  go  on,  throw  a  few  bucks  their  way 
and  let’s  make  this  happen. 

Anyway,  while  we’re  talking  about  por¬ 
tability,  I  just  came  across  a  really  cool  free, 
open  source  tool  that  delivers  portable  Win¬ 
dows  apps.  Called  PortableApps,  it  can  be 
installed  on  and  run  from  a  local  or  remote 
subdirectory,  a  USB  drive  or  cloud  storage. 

PortableApps  provides  a  menu  panel  for 
launching  applications  and  a  huge  online 
library  of  free  applications,  with  automatic 
updating  of  installed  apps,  as  well  as  por¬ 
table  storage  for  documents,  images,  music 
and  videos. 

PortableApps  even  includes  a  built-in 
backup  app  that  will  back  up  or  restore  part 
or  all  of  your  portable  system  to  or  from 
whatever  directory  you  select,  optionally 
with  compression. 


PortableApps  makes  a  great  emergency  toolkit 
for  PC  and  Internet  diagnostics. 


PortableApps  can  be  configured  to  hide 
all  desktop  icons  when  it  starts  and  change 
the  host  machine’s  wallpaper  to  a  specified 
image  and  even  load  any  special  fonts  that 
you  want  your  portable  apps  to  use. 

In  principle  any  app  can  be  used  with 
PortableApps,  but  in  practice  software  that 
hasn’t  been  engineered  to  the  PortableApps 
Format  may  not  be  as  well-behaved  as  it 
should  be  to  be  truly  portable  (programs 


may,  for  example,  modify  the  host  system’s 
Windows  registry  or  leave  files  on  the  host 
drive).  The  website  has  a  whole  section 
on  developing  and  modifying  apps  to  be 
portable. 

The  default  installation  places  Portable¬ 
Apps  in  the  Windows  system  tray.  When 
you  click  on  the  system  tray  icon  the  Porta¬ 
bleApps  menu  is  displayed,  and  when  you 
launch  an  app  the  menu  will  disappear.  I 
found  that  rather  tedious,  but  after  digging 
into  the  documentation  I  discovered  there  is 
an  option  —  “RemainVisible=True”  —  that 
you  can  add  to  the  PortableAppMenu.ini 
file  (it  goes  in  the  “DisplayOptions”  section) 
that  keeps  the  menu  on-screen  all  the  time. 
This  tweak  will  hopefully  be  included  in 
the  PortableApps  options  menu  in  a  future 
release. 

The  PortableApps  store  offers  more  than 
300  apps  and  they  are  all  free  and  legal  to 
use,  installable  by  a  single  click  (though 
sometime  it  can  take  a  couple  of  attempts 
to  get  a  connection  to  the  store),  and  will 
be  automatically  updated.  Application 
categories  include  accessibility  tools,  devel¬ 
opment  tools,  educational  software,  games, 
productivity  apps,  media  development  and 
editing  tools,  Internet  tools ...  it’s  an  incred¬ 
ible  list  that  includes  many  of  my  favorite 
Windows  utilities  such  as  FileZilla  (a  great 
FTP  client  and  server),  WinMTR  (a  ping 
and  traceroute  tool  I’ll  cover  next  week)  and 
Process  Explorer  (a  Windows  system  tool). 

I’ve  found  that  PortableApps  makes  a 
great  emergency  toolkit  for  PC  and  Internet 
diagnostics  and  I’ve  run  it  without  any 
problems  from  local  subdirectories,  USB 
drives  and  Google  Drive.  If  you  use  Win¬ 
dows,  this  is  a  great  tool  you’ll  find  all  sorts 
of  uses  for,  so  PortableApps  gets  a  Gearhead 
ratingof4.5outof5.  ■ 

Gibbs  is  not  portable  in  Ventura,  Calif.  Reveal 
your  degree  of  fixity  to  gearhead@gibbs.com 
and  follow  him  on  Twitter  and  App.net  (@ 
quistuipater)  and  on  Facebook  (quistuipater). 
And  check  out  Tech  Predictions  (www. 
polratings.com/predictions). 
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GADGETS 


Verizon’s  latest  4G  mobile 
hotspot  impresses 


Jetpack  4G  LTE 
Mobile  Hotspot 
MiFi  5510L 

by  Verizon  Wireless,  about  $200 
(currently  on  sale  for  $20  with 
online  sale,  $50  rebate  and  two- 
year  service  agreement), 
plus  monthly  data  plan 

►  What  it  is:  Like  previous  mobile  hotspot 
devices,  this  one  lets  you  connect  to  a  wire¬ 
less  WAN  (in  this  case,  Verizon’s  4G  LTE 
network)  with  your  PC/Mac  or  other  con¬ 
nected  device  like  a  smartphone  or  tablet 
via  that  device’s  Wi-Fi  connection.  Multiple 
devices  (up  to  10  devices  with  4G,  up  to  five 
over  3G,  Verizon  says)  can  share  the  MiFi 
unit’s  4G  connection,  making  this  useful 
for  small  groups  on  a  business  trip,  or  if 
you’re  traveling  alone  and  you  need  fast 
access  for  your  phone,  tablet  and  computer 
at  the  same  time. 


The  5510L  has  a  small  display  that 
provides  you  with  some  information  about 
your  connection  —  it’s  not  a  touch  screen 
like  the  AT&T  MiFi  Liberate,  but  there 
are  three  touch-enabled  icons  that  let  you 
navigate  through  menu  options  and  make 
selections.  There  is  a  tactile  on/off  button 
on  the  side  of  the  device,  next  to  a  USB 
charging  port.  You  can  charge  the  5510L 
via  your  computer’s  USB  port  or  use  the 
included  wall  connector.  The  lithium  ion 
battery  is  replaceable  should  you  need  a 
new  battery. 

The  screen  provides  information  such  as 
how  much  data  you’re  using  (very  impor¬ 
tant  if  you  have  a  small  data  cap  on  your 
monthly  plan),  the  name  of  the  SSID  and 
password  (in  case  you  want  to  easily  share 
with  colleagues),  how  many  devices  are 
connected,  an  area  for  text  messages  (the 
device  can  accept  SMS  texts  if  you  want) 
and  a  software  update  area  that  lets  you 
check  for  firmware  updates. 


Keith  Shaw’s 
Cool  Tools 


►  Why  it’s  cool:  Like  other  4G  LTE  devices, 
the  MiFi  5S10L  can  be  a  life-saver  for  mobile 
workers  who  have  to  suffer  through  bad 
hotel  or  conference  room  wireless  Internet 
connections.  I  conducted  speed  tests  of  the 
4G  network  in  two  locations  (one  from  our 
Framingham,  Mass.,  office,  which  includes 
a  4G  cell  tower  on  its  roof,  the  other  from 
my  home  outside  Worcester),  and  found  the 
speeds  much  better  than  what  I’d  get  from 

a  typical  hotel  connection.  For  example,  at 
work  I  averaged  a  16.5Mbps  download  rate 
and  12.23Mbps  upload  rate.  In  my  home 
tests,  I  averaged  15.8Mbps  download  and 
11.81Mbps  of  upload  speed.  In  both  cases, 
especially  for  upload,  this  would  far  surpass 
your  hotel  Internet  connection.  At  the  cur¬ 
rent  price  ($20),  this  is  a  great  device  to  give 
to  mobile  workers  who  might  need  some 
better  upload  speeds. 

►  Some  caveats:  Like  other  4G  LTE 
devices,  your  two  big  concerns  are  coverage 
area  and  data  caps.  Those  faster  speeds 
are  only  worth  it  if  you  are  within  a  good 
4G  LTE  area  —  if  not,  you’re  back  down 

to  3G  speeds.  Furthermore,  you  (or  your 
end  users)  will  need  to  carefully  monitor 
your  bandwidth  to  make  sure  you  don’t  go 
over  your  data  limits.  Verizon  offers  plans 
that  start  at  $50  monthly  ($20  line  charge 
plus  $30  for  4GB)  and  go  up  from  there, 
depending  on  how  much  data  you  want  to 
pay  for.  At  the  top  end,  Verizon  is  charging 
$355  per  month  ($335  plus  $20  line  charge) 
for  its  50GB  plan.  Of  course,  most  users 
won’t  likely  hit  those  caps,  but  it  could  get 
costly  if  you’re  doing  mega-downloading  or 
mega-uploading. 

►  Grade  ★★★★*  (out  of  five). 

Shaw  can  be  reached  at  kshaw@nww.com. 
Follow  him  on  Twitter:  @shawkeith. 
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Security  training: 
Requirement  or  boondoggle? 


WITHOUT  SECURITY  training 
throughout  the  enterprise,  from  end 
users  to  developers  and  even  the  C 
suite,  your  firm  puts  customers,  cor¬ 
porate  information  and  reputation  at 
high  risk. 

Case  in  point:  An  employee  at  a 
state  Department  of  Revenue  recently 
clicked  on  a  malicious  email  link,  a 
single  act  that  allowed  an  attacker 
to  obtain  3.8  million  tax  returns  con¬ 
taining  Social  Security  numbers  and 
bank  account  numbers.  Ultimately 
it  cost  more  than  $13  million  for  the 
investigation,  legal  fees  and  purchase 
of  identity  theft  monitoring  services. 

Social  engineering  attacks  have 
proven  time  and  again  that  people 
can  often  be  the  weakest  link,  but 
security  training  can  turn  the  average  user  into  a  formidable  asset. 
When  users  know  and  understand  what  traps  to  avoid  (for  exam¬ 
ple,  untrusted  websites  and  unknown  email  attachment  senders) 
and  what  technologies  to  employ  (say,  using  encryption  tools  to 
send  sensitive  information),  the  attack  surface  of  the  firm  is  greatly 
reduced.  Savvy  users  are  a  key  aspect  of  overall  security. 

But  it  doesn’t  end  with  users.  System  developers  need  education 
and  training  on  how  to  avoid  the  Common  Weaknesses  Enumera- 
tion/SANS  Top  25  Most  Dangerous  Software  Errors.  These  coding 
faults,  according  to  C  WE  and  the  SANS  Institute,  are  the  most  wide¬ 
spread  and  easy  to  exploit,  allowing  cyberattackers 
to  take  over  software  and  steal  your  data.  Training 
developers  to  recognize  the  vulnerabilities  and  how 
to  avoid  them  will  make  intrusions  into  your  sys¬ 
tems  less  likely. 

Executives  need  special  security  training,  too. 

They  occasionally  want  to  waive  or  relax  security 
measures  for  their  productivity  or  their  staff’s  con¬ 
venience;  however,  they  are  often  the  most  likely 
targets  since  they  routinely  handle  the  most  sensi¬ 
tive  information. 

Security  has  to  be  a  full  team  effort  and  it  is  not 
a  pickup  game.  Network  operations  defenders 
have  to  be  constantly  vigilant  to  stay  ahead  of  the 
threats.  If  the  first  time  net  defenders  encounter  an 
advanced  threat  is  during  a  real  attack,  they  prob¬ 
ably  will  not  be  successful  against  it.  But,  if  they 
have  trained  against  similar  scenarios,  they  will 

►  See  Security,  page  2  7 


BACK  IN  1999  Bill  Plimpton  did 
some  outstanding  animated  shorts 
for  GEICO  around  the  premise  that 
“We  all  do  Dumb  Things.”  His  little 
cartoon  character,  for  example,  can’t 
resist  pushing  a  button  while  stand¬ 
ing  in  front  of  a  canon,  resulting  in ... 
you  guessed  it. 

And  you  know  what?  We  all  do 
dumb  things.  Whether  you  later 
chalk  it  up  to  good  social  engineer¬ 
ing,  distraction  or  the  little  devil  on 
our  shoulder  whispering,  “Go  on,  do 
it,”  the  moment  will  arrive  for  all  of  us 
when  we  act  unthinkingly  or  impul¬ 
sively  and  pull  the  trigger  on  loaded 
IT  weapons  of  mass  destruction. 
Examples  abound: 

A  company  has  an  outbreak  of  a 
zero-day  malware  that  makes  it  through  three  layers  of  content 
filtering  (cloud  service,  mail  server,  desktop)  to  approximately 
1,000  mailboxes.  Only  seven  people  opened  the  attachment,  yet  it 
still  involved  dozens  of  hours  of  cleanup  by  support  staff. 

A  highly  visited  website  was  compromised  with  a  JavaScript- 
based  application.  While  the  malware  was  intercepted  by  one  of 
two  security  systems,  there  were  repeated  attempts  to  return  to 
the  URL  after  every  block/clean  warning  received  because  most 
visitors  to  the  site  considered  it  to  be  above  reproach.  In  this 
case,  while  there  was  a  good  outcome,  no  end-user  training  I  can 
think  of  would  have  prevented  an  infection  from  a 
trusted  source. 

From  a  security  standpoint  these  moments 
will  never  end,  and  no  one  has  the  budgetary 
resources  to  ensure  we  will  get  100%  never- 
going-to-do-a-dumb-thing  compliance  at  the 
endpoint  level. 

As  IT  leaders  we  cannot  train  for  this.  Statisti¬ 
cally  the  odds  are  against  us,  and  the  amount  of 
resources  that  can  be  devoted  to  IT  security  will 
always  be  finite  in  nature.  Instead,  these  resources 
should  be  devoted  to  areas  of  focus  that  will  yield 
higher  returns.  Three  examples  with  a  far  higher 
ROI  come  to  mind: 

■  Border  control  and  monitoring:  Since  the 
majority  of  compromise  efforts  today  require 
establishing  links  back  to  remote  command  and 
control  systems,  payoff  can  be  had  by  monitoring 

►  See  Boondoggle,  page  2  7 


Training  is  a 
must-have 


James  Armstrong  Jr., 
chief  information  officer 
of  the  Missile  Defense 
Agency 


Security 
training  is: 

Much-needed 


A  boondoggle 


Cast  your  vote  and  see 
comments  at 
tmyurl.com/a8h5bfp 


Strictly  a 
boondoggle 


Michael  Kohlman, 
information  systems 
manager  at  Cook  Group 
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►  Security ,  from  page  26 

know  how  to  defend  your  network  and  systems. 

And  the  training  must  be  ongoing.  Cyberactors  use  an  array  of 
tactics  and  tools  and  are  improving  their  attack  methods.  As  these 
evolve,  so  must  we  adapt  and  update  our  defenses  and  training  to 
stay  ahead  of  the  threats. 

Affordable  investments  in  security  training  can  prevent  signifi¬ 
cant  cost  and  damage  to  systems  and  will  also  ensure  employees 
understand  the  consequences  of  lost  or  stolen  information.  We 
owe  it  to  our  board  members,  our  customers  and  our  employees 
to  protect  what  we  have  worked  so  hard  to  build:  our  corporate 
success  and  reputation. 

A  knowledgeable,  trained  workforce  will  help  limit  the  attack 
surface  from  cyberthreats  and  help  ensure  we  protect  proprietary 
information,  our  customers’  data  and  successfully  execute  our 
corporate  mission. 

The  consequences  of  a  cyberattack  are  too  great  to  ignore.  Sure, 
you  will  not  be  able  to  stop  every  cyberattack.  But  security  training 
throughout  the  enterprise  is  a  core  requirement  to  keep  the  trust 
of  your  customers  and  employees,  and  to  protect  the  firm’s  hard- 
earned  reputation.  ■ 

The  Missile  Defense  Agency  (MDA)  is  a  research,  development, 
and  acquisition  agency  within  the  Department  of  Defense. 

Our  workforce  includes  government  civilians,  military  service 
members,  and  contractor  personnel  in  multiple  locations  across 
the  United  States.  For  more  information  see  www.mda.mil. 


►  Boondoggle,  from  page  26 

the  entry/exit  point  for  those  communications. 

■  Instituting  integrated  security  practices  in  all  internal  soft¬ 
ware  development  initiatives:  A  huge  return  can  be  gained  by 
training  development  and  deployment  teams  to  vet  and  ensure  all 
code  is  secure  before  being  rolled  out. 

■  Defense-in-depth:  Still  the  old  standby  and  one  of  the  best 
ways  to  ensure  that,  should  a  compromise  occur,  there  is  more 
than  one  detection  and  mitigation  method  in  place. 

The  security  role  is  a  thankless  one,  largely  because,  while 
the  war  can  be  won,  battles  will  continue  to  be  lost  along  the  way. 
We  need  to  get  past  that  fact  and  acknowledge  that  a  large  part 
of  security  is  going  to  be  an  investment  priorities  issue  where 
we  have  to  decide  what  is  giving  us  the  best  bang  for  our  buck. 
Once  that  is  done,  I  believe  it  becomes  clear  that  investing  signifi¬ 
cant  resources  in  trying  to  educate  people  about  how  to  use  IT 
securely  is  not  the  way  to  go,  given  the  number  that  will  eventu¬ 
ally  do  a  “Dumb  Thing.”  ■ 

Since  1963,  Cook  Group  companies  have  been  among  the 
leaders  in  developing  healthcare  devices  that  have  improved 
lives  around  the  world.  The  COOK  corporate  family  also  includes 
companies  that  manufacture  specialized  industrial  parts  and 
offer  commercial  services  in  the  travel,  real-estate  development 
and  management,  and  retail  fields. 
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The  politics  of  critical  infrastructure  protection 


ONE  OF  the  major  issues  Sen.  Joe  Lieber- 
man  (I-Conn.)  pushed  for  during  his  last 
few  years  in  office  was  protection  of  the 
U.S.  critical  infrastructure.  Along  with  Sen. 
Susan  Collins  (R-Maine),  Lieberman  put  forth  a  series  of  bills  aimed 
at  requiring  some  level  of  protection  for  such  infrastructure,  the  last  of 
these  being  voted  down  in  November. 

President  Obama  has  now  issued  a  “Presidential  Policy  Directive” 
on  “Critical  Infrastructure  Security  and  Resilience.”  This  directive 
was  accompanied  by  an  Executive  Order  on  “Improving  Critical  Infra¬ 
structure  Cybersecurity.”  Sadly,  the  president’s  efforts  may  turn  out  to 
be  about  as  useful  as  Lieberman’s. 

The  big  beef  against  his  bill  was  that  it  called  for  companies  to  take 
responsibility  for  the  risks  that  they  had  created.  Sen.  John  McCain 
(R-Ariz.)  headed  the  attacks  saying,  “unelected  bureaucrats  at  the  DHS 
could  promulgate  prescriptive  regulations  on  American  businesses, 
which  own  roughly  90%  of  critical  cyber  infrastructure.” 

I  will  admit  that  the  fact  that  the  Lieberman/ Collins  bill  would  have 
put  the  Department  of  Homeland  Security  in  charge  of  protecting  criti¬ 
cal  infrastructure  made  it  a  lot  harder  to  take  the  proposal  seriously. 
But  the  McCain  assumption  that  the  folks  that  run  our  power  plants, 
hospitals,  transportation  and  financial  networks  will  suddenly  wake 
up  on  their  own  and  start  protecting  the  infrastructures  they  have  so 
carelessly  and  assiduously  left  exposed  strains  credibility. 

The  Obama  executive  order  says  that  the  “critical  infrastructure”  of 
concern  is  “where  a  cybersecurity  incident  could  reasonably  result 
in  catastrophic  regional  or  national  effects  on  public  health  or  safety, 


economic  security,  or  national  security.” 

Right  now  there  is  no  actual  legal  requirement  that  the  controls  for  a 
power  company’s  plants  be  secure  from  hacking.  There  is  also  no  per¬ 
sonal  liability  for  anyone  working  at  the  power  company  if  they  do  not 
exercise  common  sense  to  try  to  protect  against  vendor  stupidity  that 
builds  in  security  vulnerabilities.  Nor  is  there  any  liability  for  a  vendor 
that  makes  insecure  products. 

There  are  regulations  that  require  hospitals  to  protect  medical 
records  and  universities  to  protect  student  educational  records,  but 
there  are  none  that  require  a  power  company  to  protect  its  generating 
capacity  or  a  hospital  to  protect  its  physical  plant  —  which  is  just  as 
important  to  patient  care  as  are  the  records.  Imagine  what  might  hap¬ 
pen  to  critically  ill  patients  in  a  hospital  in  Dallas  if  the  AC  was  turned 
off  in  mid-August. 

The  Obama  effort  bows  to  those  in  Congress  who  care  less  about 
protecting  our  health  and  safety  than  they  do  about  protecting  the 
pocketbooks  of  their  campaign  donors.  That  is  not  only  sad,  but  it  is  a 
clear  and  present  danger  to  us  all.  Prediction:  Real  requirements  and 
liability  will  be  established  in  law  only  after  a  major  example  of  why  it 
has  been  needed  for  years. 

Disclaimer:  In  spite  of  Harvard’s  feeling  of  self-importance  I  am 
not  sure  that  any  of  its  facilities  would  meet  an  objective  definition  of 
critical  infrastructure.  In  any  case,  I  have  heard  no  opinions  from  the 
university  on  this  topic,  so  the  above  lament  is  my  own.  ■ 

Bradner  is  Harvard  University's  senior  technology  consultant.  He  can 
be  reached  at  sob@sobco.com. 
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The  five  routers  we 
tested  came  in  a 
variety  of  shapes  and 
sizes,  but  all  delivered 
throughput  in  the 
range  of  350 M  to 
380Mbps. 


CLEAR  CHOICE  TEST:  802.11AC  ROUTERS 

Gigabit  Wi-Fi?  Not  so  fast. 

802.11ac  routers  average  close  to  400Mbps 
in  performance  tests  of  5  products 


BY  WAYNE  RASH 

The  newest  Wi-Fi  technology  — 
802.11ac  —  promises  blazing 
speeds  of  up  to  1.3Gbps,  accord¬ 
ing  to  claims  made  by  the  leading 
vendors. 

We  tested  five  of  the  first  802.11ac  routers 
to  hit  the  market  and  found  that  the  products 
were  indeed  fast,  and  probably  faster  than 
anything  you’ll  ever  need  for  home  office  or 
small  business  scenarios  —  but  they’re  not 
that  fast. 

Our  test  subjects  were  the  Netgear  R6300, 
Cisco’s  Linksys  EA6500,  the  Asus  RT- 
AC66U,  the  D-Link  Cloud  Router  5700  and 
the  Buffalo  Technology  AirStation  AC1300. 
Since  802.11ac  clients  aren’t  available  yet, 
we  tested  throughput  speeds  between  two 
devices  from  each  manufacturer. 

The  testing  also  examined  the  usability  of 
the  routers  on  a  day-to-day  basis.  We  wanted 
to  see  how  they  reacted  to  events  such  as  the 
loss  of  Internet  connectivity  or  power,  how 
well  they  fit  into  existing  networks  and  how 
easy  they  were  to  manage.  It  turned  out  that 
we  also  tested  how  physically  stable  they  were. 

We  found  that  regardless  of  what  brand 
of  router  you  choose,  you’re  going  to  get 
throughput  speeds  in  the  range  of  350Mbps 
to  380Mbps  with  the  router  and  media 
bridge  about  25  feet  apart.  These  numbers 
are  for  Layer  7  traffic,  which  is  what  you’ll  be 
using  when  you  stream  media. 

The  winner  in  our  testing  was  the  Netgear 
R6300,  which  delivered  top-end  perfor¬ 
mance,  was  easy  to  use  and  didn’t  suffer  from 


outage-related  problems.  Oh,  and  it  didn’t  fall 
over. 

802.11ac  basics 

The  802.11ac  Wi-Fi  standard  is  the  next  step 
beyond  802.11n.  The  new  Wi-Fi  routers  work 
in  both  the  2.4GHz  and  5GHz  bands,  and 
they’re  compatible  with  devices  using  previ¬ 
ous  standards. 

To  get  those  amazing  speeds,  802.11ac 
creates  a  channel  that’s  80MHz  wide,  and  it 
uses  MIMO  antennas  that  support  three  spa¬ 
tial  streams.  The  three  streams  make  use  of 
multi-path  signals  and  reflections  to  enhance 
the  signal. 

What  this  means  to  you  is  that  an  802.11ac 
router  will  work  with  your  existing  Wi-Fi 
hardware,  but  to  that  hardware  it’ll  just 
appear  as  a  normal  802.11n  router.  The  only 
way  to  get  the  extra  speed  is  to  use  a  compat¬ 
ible  device  on  the  other  end. 

Since  there  are  few  such  devices  available, 
the  best  way  to  actually  see  these  speeds  is 
either  to  use  a  media  access  device  or  to  use 
a  second  router  configured  as  a  media  access 
bridge.  To  see  the  extra  speed,  you  have  to 
plug  your  laptop  or  other  device  into  the 
bridge  using  wired  Gigabit  Ethernet. 

Here  are  the  individual  reviews: 

Asus  RT-AC66U 

As  was  the  case  with  the  dual-band  802.11n 
Asus  router  which  we  previously  reviewed 
(see  tinyurl.com/cca4djq),  the  Asus  device 
is  long  on  style  and  ease  of  use.  Fortunately, 
Asus  made  the  stand  that  holds  the  router 
considerably  more  robust  than  was  the  case 


on  earlier  models,  and  it  no  longer  falls  over 
when  you  attach  cables. 

The  company  has  also  created  an  app  for 
Apple  iOS  and  Android  devices  that  provides 
access  to  USB  connected  storage.  Day-to-day 
management  activity  takes  place  using  the 
built-in  management  Web  page.  Asus  pro¬ 
vides  a  service  called  AiCloud  that  lets  you 
link  the  router  to  cloud-based  storage  from 
Asus  and  from  other  cloud  providers. 

There’s  not  much  to  doing  the  basic  setup 
on  the  Asus  RT-AC66U.  Attach  the  router  to 
a  wired  Ethernet  connection  on  a  computer, 
connect  it  to  your  Internet  source  and  turn  it 
on.  Asus  includes  a  built-in  wizard  that  leads 
you  through  the  steps.  You  do  need  to  provide 
a  wireless  ID  (SSID)  for  both  the  2.4GHz  and 
5GHz  parts  of  the  router,  and  you  need  to  pro¬ 
vide  a  password.  Beyond  that,  the  process  is 
done  and  you’re  on  the  Internet. 

Setting  up  an  Asus  RT-AC66U  as  a  media 
bridge  uses  the  same  Web-based  software  as 
the  other  router  functions.  But  the  process 
only  requires  that  you  provide  the  SSID  of 
the  router  to  which  you  want  to  connect,  the 
password,  and  the  frequency  band  you  plan 
to  use.  After  that  it  works. 

I  found  the  Web-based  management  page 
to  be  intuitive  and  complete.  Despite  its  con¬ 
sumer  flash,  this  is  a  serious  router  that  can 
work  just  fine  in  small  business  applications. 
This  router  has  full  IPv6  support  and  it  has 
beamforming  to  focus  its  signals  on  devices 
that  are  using  the  router.  The  Internet  port 
supports  gigabit  speeds,  which  is  handy 
if  you  live  in  Kansas  City  where  Google  is 
installing  its  high-speed  Internet  experiment. 
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While  Asus  claims  speeds  up  to  1300Mbps, 
that’s  based  on  the  router  being  3  meters  (a 
little  over  9  feet)  from  the  media  bridge,  which 
is  unrealistic  in  the  real  world,  since  at  that  dis¬ 
tance  you  could  just  run  a  cable. 

Our  test  distance  of  25  feet  is  more  likely  to 
reflect  real-world  use.  As  you’d  expect  with 
Wi-Fi,  the  greater  the  distance,  the  lower  the 
speeds.  Because  of  this,  the  actual  measured 
Layer  7  throughput  of 360Mbps  is  consistent 
with  the  claims  from  Asus. 

These  throughput  measurements  are 
slightly  lower  than  the  other  routers  in  the 
test,  and  I  suspect  that  the  culprit  is  the  router 
part  of  the  device  rather  than  the  radios. 
Throughput  tests  using  a  wired  connection 
were  also  somewhat  slower  than  other  rout¬ 
ers  in  this  test,  averaging  700Mbps  with 
Layer  7  traffic.  In  addition,  the  Asus  router 
simply  stopped  working  at  one  point.  I  had  to 
reset  the  router  to  factory  defaults  and  start 
again  from  the  beginning. 

Overall  this  is  an  excellent  router,  and  the 
slight  differences  in  throughput  are  unlikely 
to  be  significant.  It’s  worth  noting  that  the 
Asus  RT-AC66U  seems  to  be  immune  to 
interference.  Its  wireless  performance  was 
the  same  regardless  of  how  much  Wi-Fi  inter¬ 
ference  we  provided. 

Buffalo  Technology  AirStation 
AC1300/N900  Dual  Band  Router 

Buffalo  Technology  provided  an  AC1300/ 
N450  dedicated  media  bridge  for  this  review 
along  with  the  AirStation  AC1300  router. 
When  you  get  the  Buffalo  product,  the  first 
thing  you  do  is  set  up  the  router  using  the 
wizard  that’s  built  in  to  the  firmware.  Once 
that’s  done,  you  press  the  WPS  button  on 
the  media  bridge,  then  on  the  router,  and  in 
a  minute  or  two  everything  is  set.  Unfortu¬ 
nately,  it’s  not  as  easy  as  it  should  be. 

Besides  the  fact  that  the  setup  instruc¬ 
tions  are  printed  in  a  typeface  so  tiny  they’re 
nearly  impossible  to  read,  the  instructions 


for  setting  up  the  media  bridge  are  wrong. 
The  instructions  state  that  when  the  con¬ 
figuration  is  complete,  the  indicator  light 
glows  steadily,  when  in  fact  it  flashes  quickly. 
Unless  you  check,  you’ll  never  know  whether 
the  media  bridge  is  actually  working. 

Fortunately,  you  can  ignore  the  setup  guide. 
This  router  is  basically  a  plug-and-play 
device.  As  soon  as  you  attach  it  to  the  Internet, 
a  source  of  power  and  a  computer,  then  turn 
it  on,  it  starts  working.  Of  course,  you  will 
want  to  give  it  an  SSID  and  a  password  for 
the  wireless  network,  but  the  built-in  wizard 
leads  you  through  that,  and  it  starts  running 
as  soon  as  you  connect  to  the  router. 

The  AirStation  AC1300  comes  with  a 
gigabit  Internet  port  and  the  built-in  help 
files  describe  how  to  attach  the  router  to  an 
existing  LAN,  as  well  as  how  to  configure  the 
DHCP  (Dynamic  Host  Configuration  Pro¬ 
tocol)  to  avoid  IP  address  conflicts.  There’s 
also  a  USB  port  which  an  included  instruc¬ 
tion  manual  says  will  only  work  with  a  USB 
printer.  This,  like  the  rest  of  the  printed 
documentation,  is  wrong,  since  the  USB  port 
works  just  fine  with  storage  devices. 

Most  of  the  annoyances  of  the  Buffalo  prod¬ 
ucts  are  just  that  —  annoyances.  Once  you 
have  the  router  running,  it  works  fine.  How¬ 
ever,  one  area  in  which  the  Buffalo  AirStation 
AC1300  disappointed  was  in  its  performance. 
Or  more  accurately,  in  half  of  its  performance. 
In  our  Layer  7  tests,  throughput  from  the 
router  to  the  media  bridge  was  as  fast  as 
the  fastest  —  380Mbps.  But  when  we  sent 
traffic  from  the  media  bridge  to  the  router,  it 
dropped  to  slightly  over  300Mbps. 

The  AirStation  is  the  only  router  in  this 
test  that  can  be  mounted  either  vertically  or 
horizontally,  and  it  includes  a  set  of  snap-on 
feet  to  keep  it  from  falling  over.  Beyond  that, 
the  Buffalo  AirStation  AC1300  router  is  well 
designed  and  easily  manageable. 

However,  it’s  limited  for  some  purposes 
since  it  does  not  support  IPv6.  It’s  a  good 


router  for  those  who  just  want  the  basics,  and 
who  want  an  easy  setup  with  the  media  bridge. 

D-Link  DIR-865L  Amplifi 
Cloud  Router  5700 

What  makes  D-Link  different  from  other 
routers  is  that  D-Link  gives  you  the  option 
of  setting  up  and  managing  the  router  using 
your  mobile  device.  D-Link  also  provides  iOS 
and  Android  apps  that  let  you  manage  the 
router  and  see  activity  on  the  router  (includ¬ 
ing  what  websites  people  are  using),  and  it 
will  show  you  the  devices  that  are  connected. 

You  can  also  attach  storage  to  the  USB  ports 
on  the  router  and  access  that  using  Android 
and  iOS  devices  as  well  as  any  computers 
on  the  network.  One  unfortunate  limitation 
is  that  D-Link  limits  the  size  of  your  storage 
device  to  500GB. 

Another  unfortunate  feature  of  the  D-Link 
Cloud  Router  5700  is  in  its  physical  design. 
It’s  tall  and  narrow,  and  if  you’ve  attached 
cables  to  the  Ethernet  and  Internet  ports  of 
the  router  the  weight  of  the  cables  can  make 
it  fall  over  frequently.  Those  ports  all  operate 
at  gigabit  speeds. 

D-Link  provided  a  pair  of  the  Cloud  Router 
5700  devices,  one  of  which  I  configured  as  a 
media  bridge.  The  process  starts  off  with 
D-Link’s  configuration  wizard  and  leads  you 
through  to  a  site  survey  in  which  the  new 
media  bridge  will  show  you  the  Wi-Fi  routers 
it  can  see.  You  select  one,  provide  the  neces¬ 
sary  information  such  as  the  password,  and 
you’re  connected. 

With  the  media  bridge  in  place,  the  perfor¬ 
mance  tests  revealed  that  the  Cloud  Router 
5700  provided  Layer  7  bandwidth  similar  to 
most  of  the  other  routers  —  about  375Mbps. 
The  throughput  was  the  same  in  either  direc¬ 
tion,  and  the  throughput  speeds  did  not  seem 
to  be  affected  by  interference  in  the  form  of 
other  Wi-Fi  signals. 

The  D-Link  Cloud  Router  5700  can  also 
be  configured  using  your  iOS  device  by 
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Product 

Netgear  R6300 

Cisco  Linksys  EA6500 

Buffalo  AirStation 
AC1300 

Asus  RT-AC66U 

D-Link  Cloud 
Router  5700 

Price 

$199 

$219 

$179 

$199 

$229 

Pros 

Fast,  easy  to  set  up  and 
manage,  cloud  apps 
for  management. 

Very  easy  setup  and 
management,  router  apps 
available  via  cloud. 

Fast,  very  easy  setup, 
flexible  mounting. 

Easy  to  configure 
and  manage. 

Flexible 
configuration, 
easy  setup, 
site  survey. 

Cons 

Media  bridge 
doesn’t  use  WPS. 

Can  lose  configuration 
or  access  when  Internet 
is  interrupted,  privacy 
concerns  with  cloud  access. 

Does  not  support  IPv6, 
slower  upload  speeds 
with  media  bridge. 

Slightly  slower  than 
other  routers  in  this  test, 
stopped  working  for 
unexplained  reasons. 

Falls  over 
frequently, 
storage  limits. 
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downloading  the  QRS  Mobile  app  from  the 
Apple  App  Store,  or  by  scanning  a  QR  code 
in  the  manual.  D-Link  also  provides  a  cloud 
services  app  that  lets  you  have  access  to  the 
material  stored  on  the  USB  storage  device 
attached  to  your  router.  The  cloud  services  are 
available  to  Android  and  iOS  devices. 

On  the  other  hand,  D-Link  makes  it  easy  to 
use  the  device  by  providing  wizards  for  more 
than  just  basic  setup.  For  example,  there’s  an 
IPv6  wizard  that  will  lead  you  through  the 
usually  mysterious  process  of  getting  the 
router  up  and  running  in  a  wide  variety  of 
IPv6  situations.  Considering  that  the  day  will 
come  when  your  comfortable  world  of  IPv4 
will  end,  this  could  be  a  very  useful  feature. 

Linksys  EA6500  Smart 
Wi-Fi  Wireless  Router 

The  Linksys  EA6500  Smart  Wi-Fi  Router 
depends  heavily  on  Cisco’s  cloud-based  man¬ 
agement  service  to  set  up  and  manage.  In  fact, 
the  initial  setup  of  the  device  requires  a  con¬ 
nection  to  Cisco’s  cloud  for  the  first  steps.  This 
is  handy  in  one  sense  since  it  means  that  Cisco 
(which  owns  Linksys)  can  add  or  improve 
management  features  without  requiring  a 
firmware  update. 

On  the  other  hand,  trying  to  configure  the 
Linksys  EA6500  without  an  Internet  connec¬ 
tion  becomes  problematic.  During  the  course 
of  testing,  the  EA6SOO  lost  its  Internet  connec¬ 
tion  three  times,  twice  when  Cox  Communica¬ 
tions,  which  provides  high-speed  Internet  ser¬ 
vice  to  the  lab,  had  a  glitch,  and  once  when  the 
router  was  disconnected  and  needed  its  Inter¬ 
net  settings  refreshed  after  it  was  reconnected. 

In  all  three  cases,  getting  access  to  the 
router’s  built-in  management  software  was 
difficult,  but  possible.  In  the  third  instance 
it  proved  impossible,  which  required  that 
the  router  be  reset  to  its  factory  settings  and 
started  up  like  a  new  router. 

But  the  need  to  connect  to  Cisco’s  cloud  has 
potential  privacy  issues  that  made  big  news 
in  mid-2012  when  Cisco  changed  its  terms  of 
service  to  allow  the  company  to  push  software 
updates,  record  usage  data,  and  potentially 
block  routers  from  using  some  specific  Inter¬ 
net  sites,  such  as  file-sharing  sites  suspected 
of  piracy.  Cisco  has  since  rescinded  its  unau¬ 
thorized  push  updates,  but  it  retains  the  abil¬ 
ity  to  trace  usage  information. 

Currently,  the  router  gives  you  a  set  of 
choices  when  you  try  to  browse  to  its  IP 
address  to  manage  the  device.  Either  you’re 
taken  to  a  login  screen  for  your  Cisco  cloud 
account,  with  a  link  to  let  you  log  in  to  the 
router’s  firmware  instead,  or  you’re  taken  to 
the  router’s  firmware  login,  with  a  link  allow¬ 
ing  you  to  log  in  to  the  cloud  instead.  You’re 


not  required  to  have  a  cloud  account,  so  you 
can  just  use  the  router’s  firmware  to  manage 
it,  and  you’re  not  required  to  allow  Cisco  to 
push  updates. 

The  Cisco  cloud  does  provide  a  few  router 
apps  that  you  can  use  to  control  and  monitor 
your  network  using  apps  for  iOS  and,  in  the 
case  of  access  control,  there’s  also  an  app  for 
Android.  Otherwise,  there’s  little  difference 
between  what  you  see  with  cloud  access  and 
the  local  router  management  using  the  firm¬ 
ware  on  the  device. 

Either  way,  the  management  tools  are  intui¬ 
tive  and  reasonably  straightforward.  The 
Linksys  router  was  able  to  identify  the  host 
names  of  some  of  the  network  devices,  but  not 
all  of  them.  Notably  it  seemed  unable  to  iden¬ 
tify  wireless  devices  such  as  smartphones  by 
anything  other  than  their  IPv4  address. 

However,  the  EA6500  is  able  to  be  fully 
functional  on  IPv6  assuming  your  path  to  the 
Internet  allows  it.  Unfortunately,  many  ISPs 
haven’t  implemented  IPv6  fully  yet,  so  this 
feature  remains  for  the  future,  although  this 
router  does  have  the  ability  to  connect  to  an 
IPv6  tunnel  from  a  third-party  provider. 

The  EA6500  came  to  the  test  accompa¬ 
nied  by  the  Linksys  WUMC710  Universal 
Media  Connector.  The  pair  performed  as 
well  as  any  of  the  other  802.11ac  router  pairs. 
The  throughput  speeds  were  the  same  in 
either  direction,  with  test  results  showing 
approximately  370Mbps  to  380Mbps.  Wired 
throughput  for  this  router  was  also  similar  to 
the  others,  at  about  750Mbps.  Setup  for  this 
device  consists  entirely  of  pressing  the  WPS 
buttons  on  each  media  bridge  and  the  router 
and  waiting  a  few  seconds.  The  EA6500 
includes  a  card  that  is  supposed  to  work  with 
NFC-equipped  mobile  devices  to  make  con¬ 
necting  them  automatic,  but  none  of  the  avail¬ 
able  mobile  devices  worked  with  it. 

Netgear  R6300 

The  Netgear  R6300  was  marginally  faster 
than  other  routers  in  this  test  with  through¬ 
put  numbers  at  approximately  375Mbps  to 
380Mbps.  However  the  difference  in  through¬ 
put  is  small  enough  that  you’re  unlikely  to 
ever  notice  it  in  real-world  use. 

Netgear  uses  an  application  called  Netgear 
Genie  to  configure  and  manage  the  router. 
Genie  is  included  as  a  Web  application  in  the 
router’s  firmware,  and  it’s  also  available  as 
an  application  for  Windows  and  Macintosh 
computers,  and  as  apps  for  Android  and  iOS 
devices.  Genie  is  long  on  graphical  illustra¬ 
tions  of  the  router’s  operation  and  environ¬ 
ment,  and  can  show  you  a  picture  of  your  net¬ 
work  configuration,  channel  usage  and  even 
real-time  Internet  speeds. 


The  Netgear  R6300  supports  IPv6  in  a  vari¬ 
ety  of  ways  and  will  support  third-party  tun¬ 
nels.  The  IPv6  configuration  includes  a  series 
of  menu  choices  that  let  you  tell  the  router  how 
it  should  interact  with  an  IPv6  environment, 
whether  it  should  use  an  IPv6  DHCP  server 
and  where  to  find  its  required  services.  Like 
the  other  routers,  the  Netgear  R6300  includes 
a  four-port  Gigabit  Ethernet  switch,  and  the 
Internet  port  will  support  gigabit  speeds. 

Netgear  used  a  design  similar  to  the  slanted 
panel  that  Asus  uses  for  its  router,  and  like  the 
Asus,  it’s  stable  in  this  configuration.  However, 
unlike  Asus,  it  does  not  have  those  three  exter¬ 
nal  antennas.  Netgear  said  in  its  press  informa¬ 
tion  that  the  device  includes  six  Wi-Fi  anten¬ 
nas  hidden  below  the  surface  of  the  router, 
three  each  for  2.4GHz  and  5GHz  so  that  it  can 
provide  three  spatial  streams  in  each  band. 

Netgear  sent  a  second  R6300  which  the  com¬ 
pany  had  already  configured  in  bridge  mode  to 
allow  high-speed  Wi-Fi  traffic  to  move  between 
the  two  devices.  However,  I  went  through  the 
setup  myself  after  resetting  the  second  router 
to  factory  defaults.  You  enter  the  bridge  mode 
by  using  Genie  to  set  the  required  settings, 
which  include  the  SSID  of  the  router,  the  pass¬ 
word,  the  type  of  security  and  the  frequency 
band.  While  this  isn’t  all  that  hard  to  accom¬ 
plish,  it  would  be  nice  if  Netgear  implemented 
Cisco’s  WPS  setup  method.  Fortunately,  you 
should  only  have  to  do  this  once. 

As  mentioned  before,  the  Netgear  R6300 
router  had  performance  results  as  good  or  bet¬ 
ter  than  every  other  router  in  the  test.  While 
it  supports  a  number  of  router  apps  for  your 
smartphone  and  computer,  Netgear  avoids  the 
intrusiveness  of  the  Cisco  cloud,  and  it  didn’t 
demonstrate  the  tendency  to  lose  settings,  fall 
over,  have  asymmetrical  results  or  be  overly 
complex.  Its  basic  setup  and  management 
make  Netgear’s  R6300  a  top  contender. 

Conclusions 

Of  the  five  routers  tested,  Netgear’s  R6300 
is  the  one  I’d  spend  my  own  money  on  if  I  were 
in  the  market  for  an  802.11ac  router.  It’s  fast, 
dependable,  free  of  bad  habits,  and  it’s  easy 
to  manage  on  a  day-to-day  basis.  The  router 
includes  a  number  of  handy  management 
tools,  including  the  ability  to  track  perfor¬ 
mance  over  time,  and  the  ability  to  control 
the  level  of  access  on  a  client-by-client  basis. 
It's  too  bad  there  are  no  real  client  devices 
currently  available  to  take  advantage  of  the 
R6300’s  speed  and  reliability  (or  for  that  mat¬ 
ter,  any  802.11ac  router).  Such  devices  will 
come,  eventually.  ■ 

Rash  is  a  freelance  writer  living  in  Virginia.  He 
can  be  reached  at  wrash@mindspring.com. 
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CLEAR  CHOICE  TEST:  CISCO  UCS  EXPRESS 


New  server  blades  for  branch  routers 

UCS  Express  is  fast,  easy  to  manage,  well-designed,  and  pricey 


BYJOELSNYDER 

The  Cisco  UCS  Express  family  is  a 
new  set  of  blades  that  add  high- 
performance  general-purpose 
Intel  server  capabilities  to  the 
ISR  G2  series  of  routers. 

We  tested  the  E140D,  a  midrange  blade, 
and  found  it  to  be  a  speedy,  well-designed, 
easy  to  manage,  and  good  performing  server 
—  all  stuffed  inside  of  our  existing  Cisco  3945 
ISR  G2  branch  office  router. 

Network  managers  who  need  general  pur¬ 
pose  computing  capability  will  find  the  UCS 
Express  to  be  a  convenient  and  tightly  inte¬ 
grated  device  for  branch  office  deployments. 

However,  server  managers  will  have  to  be 
convinced  to  abandon  their  stand-alone  serv¬ 
ers,  as  the  UCS  Express  comes  at  a  relatively 
high  cost  and  doesn’t  offer  the  expandabil¬ 
ity  or  configuration  flexibility  of  traditional 
offerings. 

Cisco  has  a  long  history  of  putting  general- 
purpose  computers  inside  its  routers.  Ini¬ 
tially,  these  add-in  blades  were  devoted  to 
specific  tasks,  such  as  running  Cisco  CallMa- 
nager  software. 

With  UCS  Express,  Cisco  has  thrown 
the  doors  wide  open:  You  can  run  anything 
you  want  on  it,  including  Windows,  Linux, 
VMware  ESXi,  Microsoft  Hyper-V  and  Citrix 
XenServer. 

Cisco  currently  offers  three  UCS  Express 
blades,  a  single-wide  and  two  double-wide 
versions. 

The  Cisco  UCS  Express  140S  has  a  four- 
core  Intel  CPU  and  is  a  single-wide  blade, 
meaning  that  it  takes  a  normal-size  service 
module  slot  that’s  half  as  wide  as  the  router. 
You  get  one  single-wide  slot  in  the  Cisco 
2911,  a  double-wide  slot  in  the  2921, 2951  and 
3925,  and  two  double-wide  slots  in  the  3945. 
Because  the  140S  is  only  about  7  inches  wide, 
it  has  a  more  restricted  configuration  of  hard 
drives  (maximum  of  two  2.5-inch  drives)  and 
memory  (maximum  of  two  DIMMs,  16GB) 
than  the  double-wide  versions. 

The  other  two  models  are  both  double¬ 
wide  blades.  The  Cisco  UCS  Express  140D 
(we  tested  a  beta  version  of  the  140D)  and 
160D  are  four-core  and  six-core  double-wide 
blades.  These  come  with  three  DIMM  slots 
(up  to  48GB  of  memory)  and  three  2.5-inch 
drive  bays.  If  you  want  to  put  more  than  one 
of  these  in  a  chassis  for  some  reason,  there’s 
a  complicated  set  of  rules  about  how  many 
UCS  Express  servers  will  fit  in  ISR  G2,  con¬ 
sidering  space,  cooling  and  power  require¬ 
ments,  available  on  the  Cisco  website. 
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Booting  up  UCS  Express 

Getting  started  takes  a  little  rethinking 
because  two  of  the  Ethernet  ports  on  the  UCS 
Express  blades  are  internal  to  the  ISR  G2 
router.  Rather  than  connecting  all  four  of  the 
Ethernet  interfaces  to  the  network,  we  con¬ 
nected  the  two  physical  interfaces,  and  then 
went  into  the  ISR  G2  command  line  to  control 
the  two  internal  interfaces.  Once  you  figure 
all  this  out  —  which  takes  about  30  minutes, 
tops  —  then  testing  UCS  Express  is  a  breeze. 

Because  the  blade  is  integrated  into  the 
router,  we  wouldn’t  expect  to  use  the  video 
and  keyboard  ports  on  the  blade  very  often, 
although  they  are  available.  Instead,  the  UCS 
Express  blade  uses  the  same  lights-out  man¬ 
agement  system  as  Cisco’s  larger  UCS  servers, 
the  Cisco  Integrated  Management  Controller. 

Each  UCS  Express  blade  gets  its  own  IP 
address  for  management,  which  can  be  con¬ 
nected  either  internally  through  the  ISR 
router,  or  via  an  externally  accessible  dedi¬ 
cated  management  port. 

The  particular  nature  of  the  integration 
between  the  UCS  Express  blade  and  the  ISR 
G2  router  does  present  a  few  restrictions. 
Because  the  ISR  G2  is  normally  a  router,  not  a 
switch,  you  can’t  just  sling  virtual  machines 
onto  virtual  LANs,  unless  you’ve  installed 
some  additional  hardware  to  enable  Ether¬ 
net  switching. 

This  means  that  VMs  running  on  the  UCS 
Express  blade  will  generally  be  routed,  not 
switched,  when  talking  through  the  internal 
Ethernet  connections.  That  may  be  fine  or 
even  desirable  in  some  topologies,  but  it  can 
also  be  a  confusing  restriction  to  system  man¬ 
agers  used  to  having  all  of  their  servers  on  the 
same  subnet. 

It’s  easy  to  work  around  this  problem  by 
running  a  physical  Ethernet  cable  from  one 
of  the  external  Ethernet  ports  on  the  UCS 
Express  blade  to  a  switch  somewhere  in  the 
network,  but  this  adds  complexity  and  a 
potential  failure  point.  None  of  this  is  a  show- 
stopper,  but  it  is  something  to  think  about 
before  committing  to  a  large-scale  deploy¬ 
ment  of  UCS  Express  blades  in  branch  offices. 

Although  the  Cisco  UCS  Express  blade 


shares  the  same  management  system  as  other 
UCS  servers,  it  doesn’t  integrate  into  Cisco 
UCS  Manager  tools.  Instead,  you  use  either  a 
Web  browser,  as  we  did,  or  a  command-line 
interface  to  control  the  blade  —  turning  it  on 
and  off,  managing  RAID  settings,  checking 
sensors  such  as  air  flow  and  temperature,  and 
reviewing  hardware  error  logs. 

The  Web-based  tool  also  gives  direct  access 
to  the  console,  and  provides  virtual  CD-ROM 
capabilities  for  initial  loading  of  operating 
systems. 

We  found  the  management  simple  and 
straightforward.  Although  our  beta  unit 
initially  had  an  out-of-date  firmware  load 
that  caused  it  to  shut  down  abruptly,  upgrad¬ 
ing  the  firmware  and  getting  the  Cisco  UCS 
Express  to  run  smoothly  was  a  simple  opera¬ 
tion  with  the  Web-based  GUI. 

Large  deployments  of  UCS  Express  blades 
will  also  be  eased  by  enterprise-class  features 
in  the  UCS  management  tools,  such  as  inte¬ 
gration  with  Active  Directory,  SNMP  traps 
and  configurable  alarms,  and  access  controls 
to  increase  security  of  the  management  plane. 

Running  virtual  machines 

Our  Cisco  UCS  Express  blade  came  with  two 
8GB  SD  flash  cards,  one  to  run  the  blade  itself, 
and  the  other  ready  for  the  VMware  hypervi¬ 
sor  we  loaded  on  the  blade  through  the  Web- 
based  GUI. 

We  downloaded  a  Cisco-specific  ESXi 
v5.0  image  from  VMware  (at  no  charge)  and 
installed  the  hypervisor  to  the  SD  flash  cards 
in  a  matter  of  minutes  —  once  we  gave  up  on 
making  the  KVM  work  on  a  Mac  OS  X  system 
and  jumped  to  a  Windows  client.  This  freed 
up  the  RAID  array  built  into  the  test  blade  to 
be  completely  dedicated  to  virtual  machine 
storage. 

From  there,  we  had  the  choice  of  running 
with  the  free  ESXi  license  that  VMware  offers, 
or  linking  the  blade  into  our  existing  VMware 
infrastructure.  We  started  running  stand¬ 
alone  for  a  few  weeks,  then  after  VMware 
helped  us  upgrade  to  the  latest  (v5.1)  version  of 
VMware,  we  re-licensed  the  hypervisor  so  that 
we  could  migrate  the  blade  under  the  control  of 
the  vCenter  management  system. 

For  most  enterprises,  whether  or  not  to 
upgrade  the  free  license  to  a  full  VMware 
capability  set  will  depend  heavily  on  the  kind 
of  virtual  machines  that  will  run  on  the  UCS 
Express  Blade  and  the  number  of  blades. 

The  vCenter  management  system  offers 
a  lot  of  benefits,  but  also  comes  at  a  cost, 
including  licenses  and  the  continual  heart¬ 
beat  and  performance  information  sent  back 


32  FEBRUARY  25, 2013  www.networkworld.com 


CLEAR 

CHOICE 

TESTJ^ 


NETRESULTS  iiiiiiiiimiiiiiiiiiiiiiiiimiiiiimmmiimimiimiiii 


Product 

Cisco  UCS  Express  140D  (for  ISR  G2  routers) 

Price 

A  UCS  Express  160D  blade  with  two  10K  RPM  900GB 

SAS  drives  has  a  list  price  of  about  $10,000 

Pros 

Excellent  out-of-band  management;  good  integration  with  edge 
router;  flexible  network  configuration;  attractive  CPU/memory/disk 
packaging  capable  of  running  multiple  VMs  or  stand-alone  servers. 

Cons 

Price/performance  of  the  UCS  Express  blades  not  good 
compared  to  stand-alone  server  competition. 

to  vCenter.  Many  of  the  advantages  of  vCen- 
ter,  such  as  easy  deployment  from  templates, 
won’t  be  quite  so  simple  when  working  across 
a  WAN  to  branch  office  locations,  so  network 
and  system  managers  should  consider  the 
pros  and  cons  before  committing. 

Cisco  doesn’t  require  you  to  run  the  ESXi 
hypervisor,  fully  supporting  Hyper-V  and 
XenServer  hypervisors,  as  well  as  stand¬ 
alone  operating  systems  including  several 
flavors  of  Unix  and  Windows. 

However,  we  think  that  network  and  sys¬ 
tem  managers  should  stick  with  hypervisor- 
based  deployments  for  maximum  manage¬ 
ment  capabilities  and  flexibility.  With  a 
hypervisor  in  place,  remote  operating  system 
upgrades  and  replacements  become  simpler, 
and  a  hypervisor  also  opens  the  ability  to 
easily  run  multiple  virtual  machines  and  get 
more  use  out  of  the  hardware. 

We  didn’t  look  at  performance  in  depth  on 
the  Cisco  U CS  Express  blades  because  they’re 
not  really  designed  for  compute-intensive 
environments.  However,  we  think  that  for 
most  branch  office  operations,  including  net¬ 
work  operations  such  as  file  service,  DNS/ 
DHCP,  proxies  and  other  security  functions, 
the  U CS  Express  blade  has  plenty  of  power. 

The  UCS  Express  140D  has  three  disk  slots 
and  a  built-in  RAID  controller  with  RAID  0, 1 
and  5  support.  While  Cisco  allows  you  to  put 
your  own  choice  of  2.5-inch  hard  drives  in  the 
slots,  they  offer  7200  RPM  SATA  drives,  10K 
RPM  SAS  and  self-encrypting  SAS  drives 
and  speedy  SSD  options. 

The  result  is  a  fairly  speedy  I/O  subsystem 
that  can  deliver  a  terabyte  or  more  of  fast  and 
reliable  storage  based  on  local  hard  drives. 

For  CPUs  in  the  UCS  Express  blade  fam¬ 
ily,  Cisco  has  chosen  the  low- power  version  of 
Intel’s  powerful  E3  and  E5  processor  family, 
but  these  are  still  very  hefty  processors.  For 
example,  the  low-power  Intel  E5-2418L  quad- 
core  processor  at  2.0GHz  has  about  the  same 
performance  as  an  Intel  Core  i7  quad-core 
processor  at  2.7GHz. 

Combining  this  with  a  fast  on-board  I/O 
subsystem  and,  most  importantly,  plenty  of 
memory  makes  the  Cisco  UCS  Express  blade 
perfectly  capable  of  hand  ling  multiple  virtual 
machines  at  the  same  time. 

To  test  this,  we  used  three  different  VMs: 
two  simple  Linux  systems  running  Cen- 
tOS  5.9  and  a  third  running  the  open  source 
Vyatta  router.  We  fired  up  all  three  VMs  and 
then  used  the  iperf  network  performance 
testing  tool  on  both  Linux  VMs  to  pass  traf¬ 
fic  through  the  third  VM  as  fast  as  possible. 
Since  the  traffic  was  passing  through  four 


network  interfaces,  the  maximum  600Mbps 
(without  errors)  we  achieved  translates  to  a 
total  system  throughput  of  about  2.5Gbps. 

Meanwhile,  CPU  load  was  only  21%,  indi¬ 
cating  that  our  UCS  Express  blade  had  plenty 
of  firepower  leftover. 

The  $64,000  question 

We  were  pleased  to  see  that  the  Cisco  UCS 
Express  blade  was  easy  to  configure,  fast, 
elegantly  managed  and  powerful  enough  to 
run  multiple  virtual  machines.  Now  comes 
the  hard  question:  Should  you  use  it? 

Certainly,  for  network  managers  who  need 
a  way  to  deploy  virtual  machines  for  network- 
specific  tasks,  the  UCS  Express  blade  makes  a 
lot  of  sense,  because  it  dramatically  simplifies 
deployment  and  management  of  VMs  and 
because  it’s  easy  to  switch  the  different  VMs 
onto  different  subnets,  entirely  in  software. 

However,  for  system  managers  consider¬ 
ing  replacing  on-site  servers  with  Cisco  UCS 
Express  blades,  the  decision  is  not  so  simple, 
because  the  UCS  Express  blade  does  not  have 
the  same  expansion  capability  as  a  typical 
rack-mount  server. 

For  example,  the  UCS  Express  does  not 
have  external  SCSI  ports,  making  backup 
to  a  tape  drive  difficult.  Cisco  does  offer  the 
“DP”  version  of  the  140D  and  160D,  which 
trades  off  one  of  the  disk  drives  for  a  PCI  slot, 
but  now  you’ve  lost  one-third  of  your  storage 
capacity  and  some  potential  redundancy. 

Even  if  the  UCS  Express  blades  are  not  as 
expandable,  Cisco  does  claim  that  they  will 
be  as  reliable,  if  not  more  reliable,  than  stand¬ 
alone  servers,  especially  when  installed  in 
ISR  G2  routers  with  dual  power  supplies. 
Cisco  equipment  has  an  amazing  reputation 
for  surviving  forever  in  the  dusty  and  hot 
environment  of  wiring  closets,  which  gives 
Cisco  credibility  when  it  claims  high  reliabil¬ 
ity  for  the  UCS  Express  blades. 

There  is  one  more  critical  issue  to  con¬ 
sider:  price.  Simply  put,  the  cost  of  the  Cisco 
UCS  Express  blades  is  not  competitive  with 


offerings  from  pure-play  server  vendors. 
The  low-end  UCS  Express  140S  blade  with 
two  1TB  disk  drives  and  8GB  of  memory  has 
a  list  price  of  about  $6,000.  The  equivalent 
rack-mount  server  from  Dell,  an  R210,  with 
similar  disk  and  memory,  runs  about  $1,500. 

At  the  high  end,  the  difference  is  still 
extreme.  A  UCS  Express  160D  blade  with  two 
10K  RPM  900GB  SAS  drives  has  a  list  price 
of  about  $10,000,  while  the  R320  server  from 
Dell  similarly  configured  is  about  $3,500. 

Even  with  a  discount  of  50%  off  of  Cisco’s 
list  price,  which  is  not  uncommon  for  large 
Cisco  customers,  the  UCS  Express  blades 
are  still  more  expensive  than  stand-alone 
servers.  For  one  office  or  two  the  difference  is 
minor,  but  if  you’re  thinking  of  rolling  these 
out  to  100  offices  or  more,  the  cost  difference 
becomes  significant. 

So,  why  would  anyone  pay  more  for  a 
server?  Cisco  offered  a  lot  of  reasons.  If  you’re 
in  a  space-constrained  environment,  stash¬ 
ing  the  server  in  the  router  might  be  worth 
the  extra  money.  A  single  equipment  vendor 
makes  things  simpler  for  upgrades;  one  set  of 
power  supplies  makes  for  greater  power  and 
air-conditioning  efficiency. 

What  if  you  don’t  care  about  any  of  these 
things,  and  are  just  going  through  a  normal 
upgrade  path,  swapping  out  routers  and 
servers  in  remote  branches?  Does  the  UCS 
Express  value  proposition  justify  paying 
twice  as  much  for  the  same  capabilities?  It’s 
not  an  obvious  slam-dunk.  Certainly,  some 
will  find  the  convenience  of  a  single-source 
solution,  small  form  factor  and  tight  integra¬ 
tion  into  the  ISR  a  compelling  argument. 

But  some  network  and  system  managers 
might  chafe  at  the  price  differential,  as  well  as 
the  lack  of  flexibility  and  vendor  lock-in  that 
UCS  Express  blades  bring.  ■ 

Snyder,  a  Network  World  Test  Alliance 
partner,  is  a  senior  partner  at  Opus  One 
in  Tucson,  Ariz.  He  can  be  reached  at  Joel. 
Snyder@opusl.com. 
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CLEAR  CHOICE  TEST:  CISCO  CLOUD  SERVICES  ROUTER  (CSR) 

Cisco  virtual  router  targets  the  cloud 

CSR  lOOOV  works  flawlessly,  but  beware  of  hardware  requirements,  licensing  issues 


BY  JOEL  SNYDER 

THE  CISCO  CSR  lOOOV  router  is  designed 
for  enterprise  network  managers  who  want 
to  have  a  little  piece  of  their  Cisco  infrastruc¬ 
ture  in  the  cloud. 

Whether  that’s  for  firewalling,  VPN  or 
dynamic  routing  the  idea  is  that  a  virtual 
router  gives  the  network  manager  the  flex¬ 
ibility  to  enforce  policy,  connect  or  provide 
high  availability  using  familiar  Cisco  tools 
and  technologies. 

We  tested  the  CSR  lOOOV,  a  full-featured 
IOS  XE  router  running  the  3.8S  release  of  XE 
in  a  VMware-compatible  virtual  machine. 
Does  it  work?  Yes,  in  fact,  it  works  just  fine.  It 
works  great,  actually. 

In  our  functional  testing,  the  CSR  lOOOV 
met  the  requirements  we’d  expect  for  this  type 
of  environment.  We  tried  bringing  up  VPN 
connections,  defining  firewall  and  NAT  rules, 
and  running  both  OSPF  and  BGP  routing 
protocols.  We  set  up  two  CSR  lOOOV  virtual 
machines  on  two  different  hosts,  and  used 
HSRP  to  fail  over  between  them.  We  exercised 
both  IPv4  and  IPv6,  and  we  tested  manage¬ 
ment  with  Cisco’s  command  line,  as  well  as 
SNMP  monitoring  and  remote  syslog  logging. 

The  version  of  the  CSR  lOOOV  we  tested 
is  only  supported  on  VMware’s  ESXi  5  infra¬ 
structure.  We  looked  at  an  early  release  ver¬ 
sion;  Cisco  told  us  the  virtual  appliance  should 
be  available  to  all  customers  around  March.  At 
that  time,  IOS  XE  will  be  upgraded  to  v3.9. 

We  started  out  with  the  idea  that  we’d 
put  the  CSR  lOOOV  on  our  test  VMware 
farm,  which  was  running  older  servers 
with  vSphere  v4.  The  CSR  lOOOV  not  only 
requires  vSphere  v5,  but  also  has  very  strict 
hardware  requirements,  including  a  mini¬ 
mum  of  four  physical  cores,  all  in  the  same 
socket,  dedicated  to  the  CSR  lOOOV  with¬ 
out  any  sharing,  4GB  of  memory,  and  Intel 
Nehalem  or  newer  CPUs.  Cisco  told  us  that  it 
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is  considering  allowing  future  versions  of  the 
CSR  lOOOV  to  share  CPUs  with  other  virtual 
machines,  but  the  version  we  tested  doesn’t 
have  that  option. 

Compared  to  alternative  software  router 
technologies,  the  CSR  lOOOV  is  fairly  heavy¬ 
weight.  The  requirement  for  so  many  physi¬ 
cal  cores  and  the  newer  CPUs  may  limit  the 
options  for  deploying  CSR  lOOOV  in  clouds 
running  older  hardware  or  ones  without 
quad-core  CPUs. 

Performance 

We  looked  at  performance  on  the  CSR  lOOOV 
and  found  that  it  meets  its  requirements,  but 
they’re  pretty  modest.  Cisco  technical  staff 
told  us  that  they’ve  gotten  up  to  lGbps  out 
of  the  CSR  lOOOV,  but  the  official  data  sheet 
cuts  that  number  to  50Mbps. 

Cisco  may  be  shooting  low  here,  but  we 
think  network  managers  might  be  disap¬ 
pointed  with  this  level  of  performance.  After 
all,  one  of  the  reasons  for  using  cloud  service 
providers  is  to  get  extra  bandwidth  at  lower 
cost.  The  performance  we  saw  would  be  fine 
for  typical  management  and  off-site  database 
applications,  but  you  wouldn’t  want  to  put 
the  CSR  lOOOV  in  front  of  an  Internet-facing 
Web  server  unless  the  bandwidth  require¬ 
ments  were  very  low. 

With  the  CSR  lOOOV  in  pure  routing 
mode  and  sending  and  receiving  packets 
from  external  devices  outside  of  the  VMware 
environment,  we  were  able  to  push  about 


48Mbps  through  it  before  it  started  dropping 
packets,  just  about  hitting  50Mbps.  While 
the  overall  system  CPU  wasn’t  really  break¬ 
ing  a  sweat,  one  of  the  four  cores  was  at  nearly 
100%.  Either  Cisco  is  wasting  cycles  as  part 
of  its  bandwidth  cap,  or  the  virtual  appliance 
was  topped  out.  We  confirmed  this  suspicion 
by  turning  on  firewall  and  NAT  features,  and 
got  the  same  performance,  although  with  a 
higher  CPU  load  spread  across  more  cores. 

We  validated  that  the  VMware  hardware 
we  were  using  (a  Dell  R610  server)  was  not 
the  problem  by  loading  up  the  open  source 
Vyatta  router  on  the  same  hardware  and 
pushing  500Mbps  (input)  through  the  hard¬ 
ware,  using  a  single  CPU  core  and  a  single 
external  Gigabit  Ethernet  port.  We  tested  the 
CSR  lOOOV  and  the  Vyatta  router  on  Cisco’s 
UCS  Express  hardware  —  same  results. 

With  Cisco  pushing  the  AppNav-XE  tech¬ 
nology  into  the  CSR  lOOOV,  the  low  through¬ 
put  may  inhibit  adoption  in  Internet-facing 
applications. 

AppNav  is  Cisco  coming  backward  into 
the  load  balancer  world  with  a  coordinated 
technology  that  handles  distribution  of  traffic 
from  the  WAN  into  application  servers,  such 
as  instant  messaging,  file  sharing,  Web  traffic 
and  Microsoft  Exchange. 

We  successfully  built  a  small  AppNav 
deployment,  putting  the  CSR  lOOOV  in  front 
of  two  other  virtual  machines  running  Web 
services  and  found  it  easy  to  put  together 
with  ample  documentation  —  but  we  didn’t 
stress  AppNav’s  configuration  capabilities  or 
try  and  scale  up  because  of  the  50Mbps  limit. 

Licensing 

The  CSR  lOOOV  tries  to  keep  a  fairly  light¬ 
weight  licensing  model.  Starting  with  the 
March  release,  you’ll  be  able  to  license  the 
appliance  on  a  term  basis.  This  means  that 
you  have  to  buy  a  one-,  three-  or  five-year 
license,  and  when  that  license  expires,  the 
CSR  lOOOV  throttles  traffic  down  to  2.5Mbps. 

To  lock  down  the  CSR  lOOOV  virtual 
machine  as  much  as  possible,  Cisco  has  built 
a  licensing  scheme  that  requires  a  different 
license  for  each  virtual  machine.  Although 
you  can  vMotion  the  CSR  lOOOV  all  over  your 
network  without  requiring  a  new  license,  you 
can’t  just  clone  a  legal  CSR  lOOOV  to  get  a  sec¬ 
ond  appliance  —  you  must  pay  for  and  apply 
a  different  license  to  the  cloned  VM.  ■ 

Snyder,  a  Network  World  Test  Alliance 
partner,  is  a  senior  partner  at  Opus  One 
in  Tucson,  Ariz.  He  can  be  reached  at  Joel. 
Snyder@opusl.com. 
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Product 

Cisco  CSR  lOOOV 

URL 

www.cisco.com 

Price 

$3,000  for  a  five-year  license,  including  support 

Pros 

Familiar  Cisco  IOS/IOS-XE  environment;  runs  IOS  features 
flawlessly;  AppNav  cleanly  integrated  for  scalability  and  high 
availability;  easy  to  deploy  in  a  VMware  environment. 

Cons 

Requires  heavy  resources  for  a  50Mbps  router;  limited  virtualization 
environment  support  (in  this  version);  licensing  and  performance  limits 
may  restrict  overall  adoption  compared  with  alternative  virtual  appliances. 
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patented  newest  innovation  from  Server  Tech,  inventors  of  the  Intelligent  PDU. 
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Server  Technology 
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©2013,  Server  Technology,  Inc 
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Big  Data,  Big  Biz,  Big  Gov’t,  Bigger  Brother 


IN  HIS  1990  book  “The  New  Realities,” 
Peter  Drucker  noted:  “Knowledge  is  infor¬ 
mation  that  changes  something  or  some¬ 
body  —  either  by  becoming  grounds  for  action,  or  by  making  an 
individual  (or  an  institution)  capable  of  different  and  more  effective 
action.”  And  that  is  what  Big  Data  is  delivering ...  new  knowledge,  new 
insights  and  new  actions,  all  of  which  will  give  us  new  problems. 

Already  Big  Data  is  making  an  impact  in  government,  which,  when 
you  think  of  it,  is  kind  of  a  “slam  dunk”  given  that  bureaucracy  and 
huge  amounts  of  data  always  go  hand  in  hand.  So,  it  will  come  as  no 
surprise  that  a  recent  study  conducted  by  the  TechAmerica  Founda¬ 
tion  and  commissioned  by  SAP  AG,  discovered  that  “82%  of  public 
IT  officials  say  the  effective  use  of  real-time  Big  Data  is  the  way  of  the 
future.”  Moreover,  “83%  of  Federal  IT  officials  say  Big  Data  can  save 
10%  ($380  billion)  or  more  from  the  federal  budget,  or  about  $1,200 
per  American.”  Wow!  Sounds  fantastic! 

The  study  also  found  that  officials  cited  the  potential  of  Big  Data 
in  lifesaving,  crime  reduction  and  improving  the  quality  of  citizens’ 
lives.  All  of  these  advances  come  from  using  predictive  analytics  to 
mine  Big  Data,  for  example,  to  “develop  predictive  models  about  when 
and  where  crimes  are  likely  to  occur.”  It  also  noted  that  if  the  govern¬ 
ment  can  gain  “insight  into  huge  volumes  of  data  across  agencies,  the 
government  can  provide  improved,  personalized  services  to  citizens.” 

That  sounds  great  too!  We’ll  get  better  services  for  less  money!  Woo- 
hoo.  But,  wait!  Hold  hard!  Any  smart  person  has  to  wonder  what  gov¬ 
ernment  IT  people  see  as  the  negatives. 

First,  Big  Data  comes  with  a  big  price  tag  and  the  study  showed 


officials  get  this.  Good.  Next  was  “a  lack  of  clarity  about  Big  Data’s  level 
of  ROI.”  Very  good!  And  the  biggest  negative?  “The  biggest  barrier  for 
taking  advantage  of  Big  Data  is  privacy  concerns,  according  to  47%  of 
federal  IT  officials.  Officials  believe  the  challenge  will  be  explaining 
that  Big  Data  analytics  is  not  equivalent  to  ‘Big  Brother.’” 

On  the  last  point,  the  officials  are  staggeringly  wrong.  How  will  it 
would  be  possible  for  Big  Data  analytics  not  to  become  “Big  Brother”! 

Already  Big  Data  and  predictive  analytics  in  corporate  hands  has 
demonstrated  unexpected  consequences  (see  the  story  of  Target’s  data 
mining  program  to  identify  pregnant  women  for  a  targeted  marketing 
campaign  which  I  discussed  almost  a  year  ago  at  tinyurl.com/beggeqq). 

Now,  combine  those  corporate  Big  Data  resources  with  the  real  pos¬ 
sibility  of  the  government  being  able  to  access  them  through  the  provi¬ 
sions  of  the  newly  resurrected  Cyber  Intelligence  Sharing  and  Protec¬ 
tion  Act  (CISPA)  —  of  which  bill  sponsor  Rep.  Dutch  Ruppersberger 
said  he  didn’t  see  any  reason  why  businesses  needed  to  hide  personal 
data  from  the  government  —  and  throw  in  a  generous  helping  of  mis¬ 
sion  creep  and  what  have  you  got?  Bigger  Brother  on  steroids. 

The  first  thing  you  can  do  about  this  is  make  sure  that  CISPA  and  the 
inevitable  procession  of  similar  legislation  that  will  follow  gets  as  little 
traction  as  possible  by  joining  organizations  such  as  Demand  Progress 
to  petition  congress  to  stop  the  insanity.  The  second  thing?  Brace  your¬ 
self,  because  Predictive  Big  Data  Analytics  will  be  part  of  government 
faster  than  you  can  say  “fiscal  cliff.”  As  for  a  third  thing,  pray.  ■ 

Gibbs  has  his  fingers  crossed  in  Ventura,  Calif.  The  government 
already  knows  what  you  think  but  tell  backspin@gibbs.com  anyway. 
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Phishing  concerns  cause  double  trouble 


EPISODE  1:  Last  week  the  administrators 
of  7,000  university  websites  were  being 
called  upon  to  change  their  .edu  domain 
account  passwords  after  a  security  breach.  Trouble  was  that  the  breach 
had  been  reported  to  the  admins  by  Educause  —  the  non-profit  higher- 
education  IT  group  that  runs  .edu  —  via  an  email  that  some  recipients 
complained  bore  markings  of  a  phishing  attempt. 

The  notification  was  legit ...  but  so  were  the  phishing  concerns. 

The  notification  included  links  to  a  third-party  website  that  made  it 
"impossible  to  differentiate  from  a  phishing  e-mail,”  according  to  one 
Educause  member.  Another  initially  sounding  the  alarm  was  Purdue 
computer  science  professor  and  security  expert  Gene  Spafford,  who  in 
a  listserv  reply  called  the  email  “a  reasonably  good  fake.” 

Spafford  expounded  on  his  concern  in  a  subsequent  email  to  me: 

“Organizations  should  structure  their  email  to  reinforce  avoidance 
of ‘pi  fishing’  email,”  he  said.  “Thus,  including  clickable  links  and  using 
links  to  unidentified  third  parties  should  be  avoided,  because  these  are 
standard  in  phishing  email. 

“The  EDUCAUSE  [password]  reset  message  was  especially  egre¬ 
gious  because  it  so  resembled  a  standard  phishing  approach:  ‘Your 
password  needs  to  be  reset  now!  Click  on  the  following!’  where  the 
embedded  link  went  to  a  third-party  site  with  ‘educause’  embedded  in 
the  URL  along  with  a  sequence  of  meaningless  characters.  Given  what 
is  known  about  phishing  and  user  behavior,  this  was  bad  form.  For  an 
education-oriented  organization  to  do  this  is  particularly  troubling.” 

EPISODE  2:  Fed  up  with  phishers  using  Google  Forms  to  comman¬ 
deer  campus  email  accounts  as  spam  engines,  Oxford  University 


recently  blocked  access  to  Google  Docs  for  two  and  a  half  hours  in  what 
it  called  an  “extreme  action”  designed  to  get  the  attention  of  both  its 
users  and  Google. 

Well,  the  ill-conceived  move  generated  attention,  all  right,  mostly  in 
the  form  of  widespread  complaints  and  criticism. 

From  a  lengthy  Oxford  blog  post  attempting  to  explain  the  decision: 
‘Seeing  multiple  such  incidents  the  other  afternoon  tipped  things  over 
the  edge.  We  considered  these  to  be  exceptional  circumstances  and  felt 
that  the  impact  on  legitimate  University  business  by  temporarily  sus¬ 
pending  access  to  Google  Docs  was  outweighed  by  the  risks  to  Univer¬ 
sity  business  by  not  taking  such  action. ...  A  temporary  block  would  get 
users’  attention  and,  we  hoped,  serve  to  moderate  the  ‘chain  reaction.’” 

They  apparently  got  more  than  they  had  bargained  for. 

“It  is  fair  to  say  that  the  impact  on  legitimate  business  was  greater 
than  anticipated,  in  part  owing  to  the  tight  integration  of  Google  Docs 
into  other  Google  services.” 

While  there  was  no  shortage  of  sympathy,  rejection  of  Oxford’s  cho¬ 
sen  course  of  action  was  universal  near  as  I  could  tell.  Here’s  one  exam¬ 
ple  plucked  from  the  comments  on  the  university’s  blog  post:  “Aren’t 
you  guys  closing  the  wrong  door?  If  the  spam  problem  is  volume,  why 
not  implement  an  email  quota  for  your  users?  100  emails  a  day?  Come 
on  guys,  if  a  university  of  your  prestige  can’t  deal  with  that,  who  can?” 

So  what  have  we  learned  here? 

Don’t  put  third-party  links  in  your  email  asking  users  to  reset  their 
passwords. ...  And  don’t  throw  Google  out  with  the  bath  water.  ■ 

Other  suggestions?  The  address  is  buzz@nww.com. 
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achine  data  goes  in. 

Business  insight  comes  out. 

Our  software  turns  your  massive  streams  of  machine  data  into 
business  insights  by  making  sense  of  website  clickstreams, 
mobile  devices,  applications  and  other  technologies  that  drive 
your  business.  It’s  what  our  market-leading  customers  call 
real-time  Ooerational  Intelligence. 
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SMARTER  TECHNOLOGY  FOR  A  SMARTER  PLANET 


FROM  COMMODITIZED 


\  I  / 


CLOUD’S  STEADY  CLIMB. 
Rising  customer  expectations. 
Emerging  competitors. 
Keeping  up  with  innovation. 
These  are  the  mounting 
challenges  that  business 
leaders  face  every  day.  And 
they  are  looking  to  their 
CIOs  for  answers.  Cloud  is 
on  everyone’s  lips,  but  there’s 
more  than  one  way  to  get 
there — opportunities  change 
from  industry  to  industry, 
business  to  business,  person 
to  person. 


a 

Annual  growth  in  global 
cloud  computing  through  2020* 


FORM  FITTING. 

For  the  most  basic  cloud 
services,  many  companies 
can  deploy  a  one-size-fits-all 
model.  But  when  it  comes  to 
the  mission-critical,  business- 
transformational  variety,  a 
cloud  strategy  should  fit  the 
organization’s  specifications, 
not  the  vendor’s.  And  IBM 
SmartCloud™  offers  a  level  of 
ease,  expertise  and  flexibility 
you  won’t  find  in  a  “my-way- 
or-the-highway”  approach. 


TO  CUSTOMIZED. 


PRESSURE  TESTED. 

Take  EXA  Corporation,  a 
systems  integration  and  services 
provider  for  key  industries 
in  Japan.  With  hundreds  of 
servers  across  its  offices, 
security  fears  stunted  EXAs 
cloud  aspirations.  Then  they 


Clouds  tailored  to 
any  industry. 


Clouds  that  address 
your  security  needs. 


Businesses  adopted 
IBM  SmartCloud 
products  and  offerings 
in  the  last  two  years. 


THE  CLOUD  UNBOUND. 
Locked-in  standardizations 
get  businesses  only  so  far. 
Choice  and  control  are 
the  keys  to  rethinking  IT 
and  reinventing  business 
without  limits. 
ibm.com/customizedcloud 


LET’S  BUILD  A 
SMARTER  PLANET. 


Clouds  with  choice: 
private ,  public  or  hybrid. 


tried  the  security-rich,  hybrid 
cloud  route.  Nimble  enough 
to  launch  new  services  and 
flexible  enough  to  scale  nicely 
with  existing  IT,  the  solution 
kept  costs  and  user  access 
safely  in  line. 
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Customize  your  cloud 
using  open  standards 
and  IBM  SmartCloud. 
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